Ransomware
Ransom Cartel
First seen: 2021-12 • Status: active
Currently Active Threat
Ransom Cartel uses REvil code and appeared after REvil was shut down. They target big companies.
Overview
Ransom Cartel shares code with REvil. It emerged after REvil shutdown and targets enterprises.
How It Spreads
- • Initial access brokers
- • Exploitation
What It Does
- • File encryption
- • Data theft
- • REvil code base
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for REvil variants
MITRE ATT&CK Techniques
T1486, T1567
If You're Infected
- 1.
Follow REvil response procedures
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required