Ransomware Group

RansomEXX

Also known as: Defray777, Defray

Status: active • First seen 2018-01150+ known victims

RansomEXX attacks governments and transportation systems. They can hit both Windows computers and Linux servers, making them a threat to almost any organization.

Overview

RansomEXX is a sophisticated ransomware that has targeted government organizations and transportation systems. The group has variants for both Windows and Linux.

Target Industries

Government, Transportation, Technology, Manufacturing

How They Attack

  • Cross-platform attacks
  • Government targeting
  • Double extortion
  • Trojanized tools

Notable Victims

Texas TxDOT (2020), Brazilian government (2020), Konica Minolta (2020)

Is your business exposed?

How to Protect Against RansomEXX

  1. 1.

    Implement government security standards

  2. 2.

    Harden both Windows and Linux systems

  3. 3.

    Deploy cross-platform security monitoring

MITRE ATT&CK Techniques

T1486, T1567, T1078, T1021

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices