Vice Society
Vice Society has been in the public eye since June 2021, mainly targeting small or mid-sized companies in human-operated double extortion campaigns. The group is known for breaching networks by exploiting known vulnerabilities on unpatched systems. In August 2021, Cisco Talos researchers observed the group deploying a DLL that exploited CVE-2021-1675 and CVE-2021-34527, also known as the “PrintNightmare” flaws. During encryption, files are appended with the .v-society.[victim’s_ID] extension. Unless victims contact the threat actors within seven days, the stolen data is published on the group's dedicated data leak site (“DLS”). Of the victims posted on the DLS, 26.2% are education-related entities. The group's DLS onion site has an old-style design and old HTML coding style, and is written in UK English.