See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Pope Francis
NFL
Baseball
Vatican
Motorsports
Real Madrid
Social Media
South America
Tennis
Golf
Catholic Church
Soccer
Published loading...Updated

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Summary by IT Security News - Cybersecurity, Infosecurity News
Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially… Read more → The post ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion appeared first on IT Security News.
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

4 Articles

All
Left
Center
Right
market-news24.commarket-news24.com

ToyMaker Partners with LAGTOY to Facilitate Access to CACTUS Ransomware Gangs for Double Extortion Schemes - Market-News24

Cybersecurity experts have identified an initial access broker called ToyMaker, which is linked to double extortion ransomware groups, including CACTUS. ToyMaker uses custom malware known as LAGTOY to gain access to vulnerable systems, allowing it to create reverse shells and execute commands remotely. Initially documented by Mandiant in early 2023, ToyMaker targets high-value organizations by ...

Read Full Article
cybernoz.comcybernoz.com

ToyMaker Uses LAGTOY To Sell Access To CACTUS Ransomware Gangs For Double Extortion - Cybernoz - Cybersecurity News

Apr 26, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). “LAGTOY can…

Read Full Article
The Hacker NewsThe Hacker News
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). "LAGTOY can be

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Saturday, April 26, 2025.
Sources are mostly out of (0)

Similar News Topics

You have read out of your 5 free daily articles.

Join us as a member to unlock exclusive access to diverse content.

News
For You
SearchBlindspotLocal