Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks.
"Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might be flagged by
Error happened!
0 - count(): Argument #1 ($value) must be of type Countable|array, null given
In: /var/www/ecirtam.net/autoblogs/autoblogs/autoblog.php:428
http://ecirtam.net/autoblogs/autoblogs/plusgooglecom108722708627977273008_4b868befb999be8d4a12cee6eafcf1d5f929d04b/?2023-04-23-Vice-Society-Ransomware-Using-Stealthy-PowerShell-Tool-for-Data-Exfilt
#0 /var/www/ecirtam.net/autoblogs/autoblogs/autoblog.php(999): VroumVroum_Blog->update()
#1 /var/www/ecirtam.net/autoblogs/autoblogs/plusgooglecom108722708627977273008_4b868befb999be8d4a12cee6eafcf1d5f929d04b/index.php(1): require_once('...')
#2 {main}