DataKeeper
0 incidentes
0 paises
0 sectores
ransomware Ultimo: -
DataKeeper emerged in February 2018 as a Ransomware-as-a-Service (RaaS) offering, distinguishing itself by providing a free sign-up and immediate access to generate weaponized binaries for affiliates on the Dark Web. Its primary motivation is financial gain through extortion. The group stands apart from other RaaS operations by deploying a ransomware variant that uses a four-layered obfuscation technique, employs dual AES and RSA-4096 encryption without adding file extensions to compromised files, and utilizes PsExec for lateral movement within targeted networks, which was an unusual characteristic for .NET-based ransomware at the time. The RaaS platform also uniquely allowed affiliates to configure specific file types for encryption and set custom ransom amounts, fostering uncertainty for victims regarding the extent of their data loss.
Canales, DLS e infraestructura asociada
Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
Paises objetivo (SOCRadar)
Australia
United Kingdom
United States
Sectores objetivo (SOCRadar)
Energy & Utilities ConstructionManufacturingInformation ServicesFinanceProfessional&Technical ServicesEnterprises & HoldingHealthCare & Social AssistanceOtherSoftware Publishers