A suspected ransomware-as-as-service affiliate dubbed “ShadowSyndicate” has been observed operating with a single Secure Shell (SSH) fingerprint on 85 servers since July 2022 and has used seven different ransomware families to launch attacks during the past year.
Source: SC Magazine