Expert Insights

Ransomware

Xing Team Ransomware

The Xing Team ransomware group is relatively new: it first appeared in 2021 and is derived from an older malware family called Mount Locker. The group has adopted the tactic of leaking hijacked files, posting the data on its dark web site. This type of tactic has been applied by the vast majority of ransomware groups,

Ransomware

Cuba Ransomware

Cuba Ransomware targets the Windows operating system. It was discovered by Ravi, an American ransomware hunter. Its attacks are carried out through email campaigns. The emails contain a link to “subscribe” to a service document; the malware is delivered via this macro-loaded Word document, which contains a Hancitor payload that is downloaded and opened. Hancitor is a downloader that

Ransomware

LV Ransomware

LV ransomware has its code structure based on the structure of the REvil Sodinokibi ransomware, which was the tormentor of numerous companies after a wave of attacks in the United States. After those attacks, the REvil group ceased its activities because of the attention its attacks received from the US government. It is unclear whether the group passed its code

Ransomware

Prometheus Ransomware

The Prometheus ransomware first appeared in February 2021, and the FBI has issued an alert about it. It is a variant of the Thanos ransomware and claims to be an extension of the REvil Sodinokibi group, but there is no concrete evidence of a link between the two groups. This tactic is used by newly created groups that do not yet

HiveLeaks
Ransomware

HiveLeaks Ransomware

A series of attacks by the HiveLeaks ransomware has garnered attention around the world, and the FBI has issued a flash alert on attacks by this group. This extension is relatively new; its first appearance was in June 2021. The group made a successful attack on Altus Group, a commercial real estate software development company; the amount requested for the ransom was

Vice Society
Ransomware

Vice Society Ransomware

The Vice Society ransomware attacks led to an update to the Windows print spooler code. The port the group used for their attacks became known as “PrintNightmare”; the Windows update aimed to close this port. This flaw was in the printing system: after failing to execute the Spooler, the hackers could access the operating system, which granted them the same
