Ransomware Group

RedAlert

Also known as: N13V

Status: inactive • First seen 2022-07 • 50+ known victims

RedAlert focused on attacking Linux servers and VMware systems. They wanted to be paid in Monero, a cryptocurrency that is harder to trace than Bitcoin.

Overview

RedAlert was a ransomware operation specifically designed to target Linux and VMware ESXi servers. The group demanded payment in Monero for added anonymity.

Target Industries

Technology, Enterprise, Hosting, Manufacturing

How They Attack

  • VMware targeting
  • Linux focus
  • Monero demands
  • Double extortion

Notable Victims

Enterprise VMware environments (2022), Hosting providers

How to Protect Against RedAlert

  1. Secure VMware infrastructure
  2. Harden Linux servers
  3. Monitor for Monero-demanding ransomware

MITRE ATT&CK Techniques

T1486, T1567, T1059, T1021
