RansomExx is a ransomware variant that debuted as Defray777 in 2018. It made a name for itself in 2020, after it was used in widely reported attacks on government agencies, manufacturers, and other such high-profile only months apart. By then, it was dubbed RansomEXX after the string “ransom.exx” was found in its binary. In 2020, the group also started a leak site for publishing stolen data.


Incidents Caused by this Malware

  • August 8, 2022: BRP Suspends Operations Following Ransomware Attack
  • August 2, 2022: RansomEXX Claims Attack on Taiwanese Computer Manufacturer
  • December 9, 2021: Ransomware Attack at German Supply Chain & Logistics Giant
  • July 16, 2021: RansomEXX Attacks CNT Telecommunications in Ecuador
  • September 23, 2020: Ransomware Attack Disrupts Tyler Technologies’ Operations.
  • September 21, 2020: Ransomware Attack Disrupting Operations
  • July 30, 2020: Konica Minolta hit by RansomEXX
  • May 14, 2020: Texas DOT Operations Affected by Ransomware Attack

Threat Actors Known to use this Malware

No threat actors identified

Pin It on Pinterest

Scroll to Top
Scroll to Top