Ransomware Group

Cloak

Status: active • First seen 2022-12100+ known victims

Cloak buys access to company networks from other hackers instead of breaking in themselves. They target smaller businesses because they know these companies often cannot afford fancy security tools.

Overview

Cloak is a ransomware group that purchases initial access from access brokers rather than conducting their own intrusions. They focus on smaller targets that may lack sophisticated defenses.

Target Industries

SMB, Healthcare, Professional Services, Retail

How They Attack

  • Access broker usage
  • Double extortion
  • Credential exploitation
  • SMB focus

Notable Victims

Small businesses (2023), Regional healthcare providers

Is your business exposed?

How to Protect Against Cloak

  1. 1.

    Implement credential monitoring for leaked passwords

  2. 2.

    Enable MFA on all accounts

  3. 3.

    Deploy affordable backup solution

MITRE ATT&CK Techniques

T1078, T1486, T1567, T1021

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices