Ransomware Group

Cicada3301

Also known as: Cicada

Status: active • First seen 2024-0640+ known victims

Cicada3301 is written in Rust, a modern programming language that lets them attack both Windows computers and Linux servers with the same code. This makes them more dangerous because they can hit more systems.

Overview

Cicada3301 is a Rust-based ransomware operation with cross-platform capabilities. The group can encrypt both Windows and Linux systems, similar to the approach used by ALPHV/BlackCat.

Target Industries

Technology, Finance, Professional Services, Manufacturing

How They Attack

  • Rust-based payload
  • Cross-platform attacks
  • Double extortion
  • VMware targeting

Notable Victims

Tech companies (2024), Financial institutions

Is your business exposed?

How to Protect Against Cicada3301

  1. 1.

    Ensure EDR covers both Windows and Linux systems

  2. 2.

    Update Rust malware detection signatures

  3. 3.

    Monitor for cross-platform attack indicators

MITRE ATT&CK Techniques

T1486, T1567, T1059, T1490

Related Groups

Blackcat

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices