Read The Manual Locker ransomware operation on the rise

The Hacker News reports that Russian-speaking cybercrime group Read The Manual Locker has been gaining traction in its ransomware-as-a-service operations. Affiliates are being leveraged by RTM Locker in dealing with its victims, a report from Trellix revealed. "The business-like set up of the group, where affiliates are required to remain active or notify the gang of their leave, shows the organizational maturity of the group, as has also been observed in other groups, such as Conti," said Trellix. While RTM Locker was previously linked to an extortion campaign employing the Quoter ransomware strain, no such association has been observed in the latest attacks, which have not targeted high-profile entities in a bid to better conceal its activities. "The RTM gang's goal is to attract as little attention as possible, which is where the rules help them to avoid hitting high-value targets. Their management of affiliates to accomplish that goal requires some level of sophistication, though it's not a high level per se," said researcher Max Kersten.