ProLock is a human-operated ransomware group that emerged in late 2019, initially operating as PwndLocker before rebranding in March 2020 after security researchers released a free decrypter for its predecessor. The group's primary motivation is financial gain, achieved by targeting large enterprises in a 'big-game hunting' approach to extract substantial ransom payments. ProLock distinguished itself by being among the first ransomware operations to consistently leverage the QakBot trojan for initial network access. A notable characteristic of the group was that their provided decryptor often corrupted files larger than 64MB, even after victims paid the ransom. The group also adopted double extortion tactics, exfiltrating data prior to encryption and threatening its public release if demands were not met.

Paises afectados

Sectores atacados

URLs nuevas detectadas en IntelTracker