Qlocker Ransomware locks user files in password-protected archives on a QNAP server using the 7z compression utility. The ransomware authors demand a ransom of 0.01 BTC from users for the password to their archived files.
Nitro Ransomware encrypts user data and asks victims to buy the attackers a Discord gift card worth $9.99 within 3 hours. Although it did not delete any files after the 3 hours, they remain encrypted.
CRING ransomware encrypts business user and server data with AES-128 + RSA-8192 and then demands a ransom of ~2 BTC to get the files back. After the malicious actors have established initial access, they drop a customized Mimikatz sample followed by Cobalt Strike.
REvil Ransomware, also known as Sodinokibi, is ransomware that infects a system or network, encrypts files, and demands a ransom for decryption.
An unknown threat group is deploying a variant of Hades in targeted attacks against companies with annual revenue of more than $1 billion. The threat actors take a hands-on approach and use a mix of custom tools and fileless approaches.