Pietro Melillo : 20 February 2025 18:07
In the DarkLab group’s underground analysis activity, we ventured onto an onion site that is apparently a Data Leak Site (DLS) of a new ransomware cyber gang.
This new actor called Linkc, was the author of a recent heist against H2O.ai. Their Data Leak Site-a minimalist page devoid of any further information-leaks only the essentials: a leak of sensitive data and source code belonging to a company specialising in artificial intelligence.
Even though Linkc appears to be a brand-new group, their operation follows the well-known double extortion model:
Vuoi diventare un esperto del Dark Web e della Cyber Threat Intelligence (CTI)?
Stiamo per avviare il corso intermedio in modalità "Live Class", previsto per febbraio.
A differenza dei corsi in e-learning, disponibili online sulla nostra piattaforma con lezioni pre-registrate, i corsi in Live Class offrono un’esperienza formativa interattiva e coinvolgente.
Condotti dal professor Pietro Melillo, le lezioni si svolgono online in tempo reale, permettendo ai partecipanti di interagire direttamente con il docente e approfondire i contenuti in modo personalizzato.
Questi corsi, ideali per aziende, consentono di sviluppare competenze mirate, affrontare casi pratici e personalizzare il percorso formativo in base alle esigenze specifiche del team, garantendo un apprendimento efficace e immediatamente applicabile.
Per ulteriori informazioni, scrivici ad [email protected] oppure scrivici su Whatsapp al 379 163 8765
Supporta RHC attraverso:
Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo.
What’s novel in this case is the site’s extreme minimalism, featuring:
This approach could serve operational security purposes (reduced traceability) and create a stronger media impact by showcasing the target and stolen data right away.
Linkc’s first reported target is a company specializing in the development of Machine Learning platforms and AI services. According to the leak:
At present, we cannot confirm the accuracy of this information, as the organization has not released any official press statement on its own website regarding the incident. Therefore, this article should be viewed as an “intelligence source.”
Linkc has made its debut on the cybercrime scene with an intimidating approach and a minimalist web presence. Their choice to target H2O.ai highlights their inclination to go after organizations involved in Artificial Intelligence, potentially to monetize high-value data and technologies. For cybersecurity professionals, it is essential to:
The cybercrime world is constantly evolving, and Linkc is yet another confirmation of that trend. It remains to be seen whether this group will launch more high-profile attacks or focus on selected cases. In the meantime, security experts must further refine their monitoring and defense tools, preparing for new digital extortion tactics.
As is our custom, we extend an invitation to the company involved to provide any updates on the incident. We will be glad to publish those details in a dedicated article to shed more light on the situation.
RHC will continue monitoring the matter to post any significant developments on the blog. Anyone with relevant information who wishes to remain anonymous can use the whistleblower’s encrypted email address.