The leak of The Gentlemen’s “Rocket” backend database exposed the internal workings of a highly coordinated RaaS cartel, including chats, logs, payouts, and operational roles. Check Point Research found the group used edge-device exploitation, NTLM relay workflows, AI-assisted tooling, and aggressive double-extortion tactics across victims such as a UK software consultancy and a Turkish company.
#TheGentlemen #Rocket #CheckPointResearch #zeta88 #Fortinet #Cisco #ZeroPulse #NetExec #gfreeze #RelayKing #CVE-2025-33073 #CVE-2024-55591 #CVE-2025-32433 #BlackBasta #DeepSeek #Qwen
Key points
- The Gentlemen’s internal “Rocket” database was leaked on underground forums.
- The leak exposed 9 accounts and the administrator zeta88.
- Check Point Research analyzed 16 GB of chats, logs, and transaction data.
- The group exploited Fortinet and Cisco edge devices and tracked multiple CVEs.
- The Gentlemen used AI tools, double extortion, and affiliate-based profit sharing.
Read More: https://securityonline.info/the-gentlemen-ransomware-rocket-database-leak-operations-exposed/