The Xinglocker ransomware has been carrying out attacks since its first appearance around May 2021. It targets companies that use the Windows operating system. After finding some access to the victim’s system, whether through email campaigns, malicious links, or human inadvertence, the malware begins to act upon the data. After encryption, Xinglocker generates a text file “READ_ME.txt”. In it, there

The HelloKitty ransomware, also known as FiveHands, has become quite relevant, to the point of drawing the attention of CISA and the FBI. The group was first spotted in December 2020 and remains active to this day. Their biggest publicized attack was on CD Projekt Red, the electronic game company known for “The Witcher” franchise. HelloKitty uses the RRansomware as

According to the data, the first appearance of the Darkside Ransomware happened around August 2020. Since then, the group behind the Darkside attacks has been targeting companies in all industries around the world. The vision of Ransomware as a Service (RaaS) is becoming more and more democratized among cybercriminals. It makes it possible for any malware owner to carry out

The Qlocker ransomware has been active once again with waves of attacks this year. This ransomware has been using, like the others, the Ransomware as a Service (RaaS) strategy. This allows the destructive power of a ransomware attack to be made accessible to anyone. Qlocker’s primary target has been the specialized manufacturer of network storage solutions, QNAP. More precisely, the

The Midas ransomware is one of the variations of the Thanos ransomware that has emerged recently, Thanos was a large group that emerged in 2020, after numerous attacks the group disappeared, after a few months the malware’s source code was leaked, from this leak emerged the Prometheus, Spook, Haron, and the newest ransomware of the group, Midas. There is still

The Netwalker ransomware is among the big ransomware groups, together with REvil Sodinokibi, LockBit. 2.0 and Conti. The group has specialized in attacks on large corporations. The ransomware was created by the hacker group Circus Spider, which in turn is part of an even larger group, the Mummy Spider. This structure shows that ransomware attacks have become a highly profitable

Ranion ransomware has drawn attention on dark web forums for its low sale price. The group operates with RaaS (Ransomware as a Service) tactics. The group has offered free trials to its buyers, after which they are charged prices of 0.95 Bitcoin/year ($960/year) or 0.6 Bitcoin/6 months ($605/6 months). This easy access to a powerful ransomware like Ranion is extremely

Exorcist ransomware has appeared on Russian dark web forums looking for affiliates willing to carry out attacks with its malware, the group offers 70% of the ransom to its affiliates. This tactic is called RaaS (Ransomware as a Service), which is the outsourcing of attacks, is used to expand the group’s influence. Affiliates have a certain amount of freedom to

The Pandora ransomware appears to be a variation of the Rook ransomware, the group was first seen in March 2022. Pandora comes from a lineage of other powerful malware, such as Rook itself, which developed its malware based on the source code of the Babuk ransomware. The group primarily targets large corporations. Pandora is designed to spread as fast as

The Mindware ransomware is one of the newest groups in evidence, it is unclear whether it is actually a new group or an old group with a new name. The group was first seen in March of this year, and has already boasted numerous victims on its leak site. In May, the group ranked fifth among ransomware groups with the