Expert Insights

Exorcist ransomware has appeared on Russian dark web forums looking for affiliates willing to carry out attacks with its malware, the group offers 70% of the ransom to its affiliates. This tactic is called RaaS (Ransomware as a Service), which is the outsourcing of attacks, is used to expand the group’s influence. Affiliates have a certain amount of freedom to

The Pandora ransomware appears to be a variation of the Rook ransomware, the group was first seen in March 2022. Pandora comes from a lineage of other powerful malware, such as Rook itself, which developed its malware based on the source code of the Babuk ransomware. The group primarily targets large corporations. Pandora is designed to spread as fast as

The Mindware ransomware is one of the newest groups in evidence, it is unclear whether it is actually a new group or an old group with a new name. The group was first seen in March of this year, and has already boasted numerous victims on its leak site. In May, the group ranked fifth among ransomware groups with the

The CryLock ransomware is a variant of the Cryakl ransomware, a group that was first seen in 2020, like its predecessor CryLock attacks large enterprises, although regular users are also part of its targets. The group uses various tactics to access the victim’s system, such as spam email campaigns, unsecured RDP ports, malicious downloads, and others. These are just a

The BabyDuck ransomware may seem harmless from its name, but believe me, it is not. The group is responsible for numerous attacks in recent months, it is just as destructive as any other ransomware group. BabyDuck uses the AES+RSA algorithm to encrypt the victim’s files, this algorithm is practically impossible to break, all files affected by it get the extension