Actor de amenazas

rhysida

2 víctimas en México

Perfil del grupoInteligencia

url: https://www.ransomware.live/group/rhysida
name: rhysida
description: Rhysida is a ransomware-as-a-service (RAAS) group that emerged in May 2023. The group utilizes a namesake ransomware through phishing attacks and Cobalt Strike to breach the targets' networks and deploy their payloads. The group threatens to publicly distribute exfiltrated data if the ransom is not paid, and it's worth mentioning that Rhysida is still in the early stages of development. The ransomware leaves PDF notes in the affected folders, instructing victims to contact the group through its portal, and payment is made via Bitcoin. After encryption, the ransomware appends the extension '.ryshida' to encrypted files. Source: https://github.com/crocodyli/ThreatActors-TTPs

Víctimas recientesMás recientes primero

FechaVíctimaGrupoSectorFuente

19 de julio de 2024Law Offices of the Public Defender - New MexicorhysidaPublic Sectorn/d

26 de marzo de 2024El DebaterhysidaConsumer Servicesn/d