2022-11-30

Data Extortion Group Levels Up with their Own Ransomware

Level: 
Strategic
  |  Source: 
BleepingComputer
Global
Share:

Data Extortion Group Levels Up with their Own Ransomware

The 'Donut Leaks" data extortion group has its own ransomware to fulfill double-extortion campaigns. Operating since August 2022, and have been linked to attacks on DESFA, a natural gas company in Greece, Sheppard Robson a UK architectural organization, and the construction company, Sando. BleepingComputer in following Donut Leak's ransomware operations describes them as having a "flair for theatrics, using interesting graphics, a bit of humor, and even offering a builder for an executable that acts as a gateway to their Tor data leak site." Ransom notes left by the group use graphics art display in ASCII or from the command prompt.

Get trending threats published weekly by the Anvilogic team.

Sign Up Now