As ransomware incidents continue to grow, Palo Alto Networks Unit 42 has discovered a new ransomware-as-a-service (RaaS) group. Unit 42 has released research on the group, Repellent Scorpius, and how they’re distributing Cicada3301 ransomware.
Highlights include:
- Based on the timeline from a Unit 42 IR engagement, it’s estimated that the ransomware group began their operations in May 2024
- Despite its recent inception, the group is quickly picking up pace by setting up an affiliate program and recruiting partners. This has increased its number of victims
- Repellent Scorpius employs a double extortion scheme of encrypting systems. This entails stealing data and threatening to publish it if the victim doesn’t pay the ransom
You can find the full report here which provides more insights into the new attack group and attack strategy.
Related
This entry was posted on September 11, 2024 at 10:50 am and is filed under Commentary with tags Palo Alto. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Unit 42 Repellent Scorpius/Cicada3301 Research Report Is Live
As ransomware incidents continue to grow, Palo Alto Networks Unit 42 has discovered a new ransomware-as-a-service (RaaS) group. Unit 42 has released research on the group, Repellent Scorpius, and how they’re distributing Cicada3301 ransomware.
Highlights include:
You can find the full report here which provides more insights into the new attack group and attack strategy.
Share this:
Like this:
Related
This entry was posted on September 11, 2024 at 10:50 am and is filed under Commentary with tags Palo Alto. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.