CryptBB is a ransomware group that first appeared by June 2023, primarily motivated by financial gain through data encryption and extortion. The group is assessed with high confidence to be of Russian origin and has been observed utilizing complex encryption algorithms and aggressive negotiation tactics, often demanding high ransom payments from its victims. CryptBB distinguishes itself by employing double extortion, threatening to publicly release stolen data if ransom demands are not met. The group's ransomware payload typically appends random extensions to encrypted files, modifies the victim's desktop wallpaper, and generates a ransom note to guide victims on payment. Intelligence suggests that CryptBB's ransomware may be related to or based on the LockBit 3.0 ransomware, having potentially separated from the larger LockBit group at the beginning of 2023.

Paises afectados

URLs nuevas detectadas en IntelTracker