A recent examination has revealed links between associates of RansomHub and various ransomware factions, such as Medusa, BianLian, and Play.
This link arises from the utilization of a bespoke instrument that aims to deactivate endpoint detection and response (EDR) applications on infiltrated machines, as stated by ESET. The EDR disabling tool, referred to as EDRKillShifter, was initially recorded as being employed by RansomHub participants in