Masked Actors

Group-IB

True crime meets cybercrime. Discover the people behind the keyboard. From Ransomware-as-a-Service (RaaS) gangs to global financial crime syndicates, the rise of sophisticated cyber threats is reshaping the world. These aren’t lone hackers — they’re organized groups running multi-million dollar operations in the shadows. In the Masked Actors podcast, cyber threat expert and former soldier turned hacker Gary Ruddell joins forces with Nick Palmer, a seasoned financial crime fighter, to investigate the top 10 most dangerous cybercriminal groups of 2025 — drawn from Group-IB’s High-Tech Crime Trends Report. Each episode explores the tactics, motivations, and impact of major cybercrime groups, uncovering their role in the latest cybercrime, RaaS, and financial crime trends. You’ll learn how these actors exploit vulnerabilities, fuel geopolitical tension, and affect businesses and consumers alike. Tune in to Masked Actors — and stay one step ahead of cybercrime.

Episodes

  1. Brain Cipher: What happens when national infrastructure comes under strike?

    12/19/2025

    Brain Cipher: What happens when national infrastructure comes under strike?

    Send us a text Indonesia, June 2024 - 210 critical government agencies were crippled in one fell swoop. Immigration services were in disarray; customs officers locked out of critical systems and travellers left stranded in airport and ferry terminals facing delays that would continue for a full week. The culprit? Brain Cipher, a ransomware group barely a week old, which demanded a huge sum of $8M from Indonesia’s National Data Centre, bringing local government services to their knees. The chaos that followed lingers as a potent reminder of the widespread disruption across an entire nation that can stem from a single attack. Join Group-IB’s Gary Ruddell and Nick Palmer as they talk to Jennifer Soh, Cyber Investigation Lead for APAC at Group-IB, exploring what motivates cyber criminals to target national infrastructure, and what happens when the pillars that hold up our modern digital society - from government and defence to energy- are struck by cyber-attacks. Episode links: Group-IB's Top 10 Masked Actors Deciphering the Brain Cipher Ransomware Patch or Peril: A Veeam vulnerability incident By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    26 min
  2. Ajina: Can you really trust that app? 

    11/27/2025

    Ajina: Can you really trust that app? 

    Send us a text Cyber criminals are masters at exploiting human vulnerability and trust. In Uzbek folklore, there's a creature known for causing chaos, preying on humans, lurking in the dark and changing its face to trick its victims before it pounces.   In December 2023, it lent its name to a sophisticated Android malware campaign using the same tactics that emerged in the digital underworld. The banking malware masqueraded as legitimate applications, leaving users confused – like its folklorish namesake – and surfaced from the dark to steal everything they had. Its codename: Ajina.  Join Group-IB’s Gary Ruddell and Nick Palmer as they speak with Amy Grieveson, Director of Security and Behaviours at Monzo Bank, revealing the tricks used by financial fraudsters to get victims to hand over their most sensitive information. They discuss sophisticated social engineering deployed by cyber criminals, as well as how to flip the narrative around cyber defence from fear, to empowering consumers with the awareness and routines needed to maintain vigilance in a landscape rife with scams.  Episode links: Group-IB's Top 10 Masked Actors Ajina attacks Central Asia: Story of an Uzbek Android Pandemic By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    32 min
  3. MuddyWater & OilRig: The cyber espionage playbook

    10/28/2025

    MuddyWater & OilRig: The cyber espionage playbook

    Send us a text As digital infrastructure becomes the backbone of global economies, cyber espionage has quietly evolved into one of the most powerful tools in modern statecraft.  Behind the scenes, nation-backed threat groups like MuddyWater and OilRig operate sophisticated campaigns that blend malware, phishing, and social engineering to infiltrate governments, defence contractors, and critical industries. But these Advanced Persistent Threat groups aren’t motivated by fame or by fortune. They’re after insights on matters of national security, looking for long-term access to strategic intelligence, and preparing tactical disruption of their adversaries.   In this episode, Group-IB’s Gary Ruddell and Nick Palmer speak with Mansour Alhmoud, a cyber threat intelligence analyst at Group-IB responsible for tracking APT groups, to unearth how these groups operate and what organizations and governments should be doing to protect themselves against state-sponsored threats. Episode links: Group-IB's Top 10 Masked Actors Catching fish in muddy waters ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims SimpleHarm: Tracking MuddyWater’s infrastructure "We find many things that others do not even see" Mapping the Infrastructure and Malware Ecosystem of MuddyWater By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    24 min
  4. Joystick to Jailbreak: Exploring the Youth Cybercrime Pandemic

    09/23/2025

    Joystick to Jailbreak: Exploring the Youth Cybercrime Pandemic

    Send us a text Forget everything you think you know about hackers. Today’s cybercriminals aren’t lurking in shadowy basements - they’re teenagers mastering cheat codes on Roblox, swapping tips on Discord, and using AI to launch attacks from their bedrooms. Join Group-IB’s Gary Ruddell and Nick Palmer as they sit down with Fergus Hay, CEO and co-founder of The Hacking Games, to explore how cybercrime is becoming more accessible than ever. They dive into the rise of Ransomware-as-a-Service (RaaS), the impact of generative AI, and why the next wave of ethical hackers should be recruited from gaming platforms.. This episode unpacks the motivations driving young hackers, the pathway from gaming to cybercrime, and the urgent need to rethink how we recruit and inspire the next generation of cybersecurity defenders. Episode links: Group-IB's Top 10 Masked Actors By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    1h 14m
  5. RansomHub: From RaaS Kingpin to Cartel Mystery

    08/27/2025

    RansomHub: From RaaS Kingpin to Cartel Mystery

    Send us a text When RansomHub, one of the most prolific ransomware groups, vanished overnight back in April, it sent shockwaves through the cybercriminal underworld. With over 600 global attacks and millions extorted, their sudden disappearance left affiliates scrambling and researchers asking: what happened? Join Group-IB’s Gary Ruddell and Nick Palmer as they speak with Pietro Albuquerque, a threat intelligence analyst at Group-IB and a leading expert on RansomHub, to unpack the rise and fall of this ransomware cartel. They explore how RansomHub’s affiliate-friendly model disrupted the RaaS market, why its tactics proved so effective, and where its members may have gone. From double extortion to underground job markets, this episode reveals the hidden mechanics of ransomware operations and what businesses must do to stay ahead of the next wave. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe now to meet these Masked Actors — and stay one step ahead in the fight against cybercrime. Episode links: Group-IB's Top 10 Masked Actors RansomHub ransomware-as-a-service RansomHub Never Sleeps: The evolution of modern ransomware Ransomware debris: an analysis of the RansomHub operation Ransom notes from the most active groups By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    40 min
  6. DragonForce: The Cyber Cartel Helping Hackers Hit the High Street

    07/29/2025

    DragonForce: The Cyber Cartel Helping Hackers Hit the High Street

    Send us a text Empty shelves, lost customers, and hundreds of millions of pounds in lost profit are just some of the outcomes that retailers have faced in the wake of recent ransomware attacks. From the Co-operative to M&S, the recent cyber attacks on UK retail giants have dominated headlines and wreaked havoc that’s been felt by customers, staff, and government officials alike.  The culprits behind it? A highly organised group of ransomware specialists, codename: DragonForce.  Join Group-IB’s Gary Ruddell and Nick Palmer as they speak with Jason Rebholz, an expert on the ransomware ecosystem, with over a decade of experience performing forensic investigations into complex cyberattacks.  In this episode, they unpack how DragonForce evolved into a ransomware cartel, franchising their malware to affiliates like Scattered Spider, whose sophisticated social engineering tactics have significantly disrupted UK retail. They explore the wide-ranging impact on both businesses and consumers, offering insights into how each can better protect themselves. Finally, they examine the role of policy and regulation in preventing future attacks and strengthening cyber resilience. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe now to meet these Masked Actors — and stay one step ahead in the fight against cybercrime. Episode links: Group-IB's Top 10 Masked Actors Inside the Dragon: DragonForce Ransomware Group By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    30 min
  7. Lazarus: Is your best IT worker really a North Korean hacker?

    06/11/2025

    Lazarus: Is your best IT worker really a North Korean hacker?

    Send us a text In December 2014, Sony Pictures announced they were cancelling the release of Seth Rogan’s newest venture The Interview due to a large-scale cyberattack. And in February of this year, global cryptocurrency exchange Bybit suffered a massive attack resulting in the theft of $1.5 billion.  These masked actors are still active. But now, they’ve turned their attention to companies like yours... Join Group-IB’s Gary Ruddell and Nick Palmer as they speak with Geoff White, one of the worlds leading journalists covering organized crime and tech and the author of The Lazarus Heist – From Hollywood to High Finance: Inside North Korea’s Global Cyber War as they explore the infamous Lazarus group. In this episode, they delve into the groups’ latest modus operandi – infiltration campaigns, whereby North Korean hackers pose as remote IT employees to funnel information through the backdoor and leave logic bombs in code that they can trigger years or months down the line. They look at how this shifts the responsibility model for cybersecurity, requiring vigilance from across the organisation for unusual behaviour. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe now to meet these Masked Actors — and stay one step ahead in the fight against cybercrime. Episode links: Group-IB's Top 10 Masked Actors Lazarus Arisen: Architecture, Tools and Attribution Stealthy Attributes of Lazarus APT Group: Evading Detection with Extended Attributes APT Lazarus: Eager Crypto Beavers, Video calls and Games By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    37 min
  8. GoldFactory: The cybercriminals who want to steal your face

    05/13/2025

    GoldFactory: The cybercriminals who want to steal your face

    Send us a text If a cybercriminal steals your password, you can change it. But what happens if they steal your face?  Former soldier turned hacker, Gary Ruddell and financial crime veteran, Nick Palmer, explore the actors behind GoldFactory - a cybercriminal group stealing users' facial recognition data to clean out victims bank accounts. Joined by Craig Jones, who spent five years at Interpol as the director of cybercrime, Group-IB's Gary and Nick explore how masked actors are exploiting AI and Deepfakes for financial gain.  In this episode, they dig into the novel tactics of this Chinese-speaking group who created a first of its kind iOS trojan to steal biometric data and bypass banking facial recognition security systems. Together they unpick how cybercriminals are adopting new technologies and franchising their efforts to manipulate more victims and increase their payoff. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe now to meet these Masked Actors — and stay one step ahead in the fight against cybercrime. Episode links: Group-IB's Top 10 Masked Actors Face Off: Group-IB identifies first iOS trojan stealing facial recognition data Gold Rush is back to APAC: Group-IB unveils first iOS trojan stealing your face By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    24 min

  9. SEASON 1 TRAILER

    Cybercriminals Exposed: Welcome to Masked Actors

    Send us a text Welcome to Masked Actors — a true crime-inspired podcast from Group-IB that brings you face to face with the people orchestrating some of the most sophisticated cyberattacks on the planet.  Join hosts Gary Ruddell — former soldier turned hacker and cyber threat expert — and Nick Palmer, a financial crime veteran, for the gripping new series which uncovers the tactics, motivations and real-world impact of the top 10 most prolific cybercriminal organizations of 2025. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe now to meet these Masked Actors — and stay one step ahead in the fight against cybercrime. By understanding who these actors are and how they operate, you can better anticipate threats and protect yourself in an increasingly hostile digital world. Subscribe to Group-IB's Masked Actors now — and stay one step ahead in the fight against cybercrime. FOLLOW GROUP-IB Group-IB Threat Intelligence on X: https://www.x.com/GroupIB_TI Group-IB on X: https://www.x.com/GroupIB Group-IB on LinkedIn: https://www.linkedin.com/company/group-ib Group-IB on Facebook: https://www.facebook.com/groupibHQ/ Group-IB on Instagram: https://www.instagram.com/groupibhq/...

    1 min

Trailer

Ratings & Reviews

5
out of 5
2 Ratings

About

True crime meets cybercrime. Discover the people behind the keyboard. From Ransomware-as-a-Service (RaaS) gangs to global financial crime syndicates, the rise of sophisticated cyber threats is reshaping the world. These aren’t lone hackers — they’re organized groups running multi-million dollar operations in the shadows. In the Masked Actors podcast, cyber threat expert and former soldier turned hacker Gary Ruddell joins forces with Nick Palmer, a seasoned financial crime fighter, to investigate the top 10 most dangerous cybercriminal groups of 2025 — drawn from Group-IB’s High-Tech Crime Trends Report. Each episode explores the tactics, motivations, and impact of major cybercrime groups, uncovering their role in the latest cybercrime, RaaS, and financial crime trends. You’ll learn how these actors exploit vulnerabilities, fuel geopolitical tension, and affect businesses and consumers alike. Tune in to Masked Actors — and stay one step ahead of cybercrime.

Information

  • Creator
    Group-IB
  • Years Active
    2K
  • Episodes
    9
  • Rating
    Clean
  • Copyright
    © 2025 Masked Actors
  • Show Website
    Masked Actors

You Might Also Like