Ransomware
Nokoyawa
First seen: 2022-02 • Status: active
Currently Active Threat
Nokoyawa ransomware uses advanced techniques including security bugs that no one knew about. It evolved from the Hive ransomware crew.
Overview
Nokoyawa is ransomware that emerged from Hive affiliates. It has been linked to zero-day exploitation and targets enterprises.
How It Spreads
- • Zero-day exploits
- • Vulnerability exploitation
What It Does
- • File encryption
- • Data theft
- • Exploits unknown vulnerabilities
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for exploitation attempts
- • Watch for Nokoyawa signatures
MITRE ATT&CK Techniques
T1486, T1190
If You're Infected
- 1.
Patch all systems immediately
- 2.
Engage incident response
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required