need more info please
So is this group of scammers is breaking into companies then encrypting? "Initial access is gained through the ProxyShell vulnerability chain"
and not the normal - trick you into installing x?
if so, I want to know more about this ProxyShell Vulnerability.