Expert Insights
Exorcist Ransomware
Exorcist ransomware has appeared on Russian dark web forums looking for affiliates willing to carry out attacks with its malware, the group offers 70% of the ransom to its affiliates. This tactic is called RaaS (Ransomware as a Service), which is the outsourcing of attacks, is used to expand the group’s influence. Affiliates have a certain amount of freedom to
Pandora Ransomware
The Pandora ransomware appears to be a variation of the Rook ransomware, the group was first seen in March 2022. Pandora comes from a lineage of other powerful malware, such as Rook itself, which developed its malware based on the source code of the Babuk ransomware. The group primarily targets large corporations. Pandora is designed to spread as fast as
Ransomware Mindware
The Mindware ransomware is one of the newest groups in evidence, it is unclear whether it is actually a new group or an old group with a new name. The group was first seen in March of this year, and has already boasted numerous victims on its leak site. In May, the group ranked fifth among ransomware groups with the
Entropy Ransomware
Entropy ransomware comes from a long line of malware that has been hacking and stealing data from large corporations for years, it is a variation of the DoppelPaymer ransomware and part of the EvilCorp gang. The gang has other ransomware such as WastedLocker, Hades and Phoenix. The EvilCorp group has become so large that the U.S. Treasury Department has placed
Ransomware CryLock
The CryLock ransomware is a variant of the Cryakl ransomware, a group that was first seen in 2020, like its predecessor CryLock attacks large enterprises, although regular users are also part of its targets. The group uses various tactics to access the victim’s system, such as spam email campaigns, unsecured RDP ports, malicious downloads, and others. These are just a
Ransomware BabyDuck
The BabyDuck ransomware may seem harmless from its name, but believe me, it is not. The group is responsible for numerous attacks in recent months, it is just as destructive as any other ransomware group. BabyDuck uses the AES+RSA algorithm to encrypt the victim’s files, this algorithm is practically impossible to break, all files affected by it get the extension