Ransomware Group
Egregor
Also known as: Egregor Ransomware
Status: disrupted • First seen 2020-09 • 200+ known victims
Egregor was Maze 2.0 but got shut down quickly by police raids.
Overview
Egregor emerged after Maze shutdown but was disrupted by Ukrainian police.
Target Industries
Retail, Manufacturing, Transportation
How They Attack
- • QBot malware
- • Cobalt Strike
- • Phishing
Notable Victims
Kmart (2020), Crytek (2020), Ubisoft (2020)
Is your business exposed?
How to Protect Against Egregor
- 1.
Watch for affiliated groups
MITRE ATT&CK Techniques
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required