MALWARE: RansomEXX
RansomExx is a ransomware variant that debuted as Defray777 in 2018. It made a name for itself in 2020, after it was used in widely reported attacks on government agencies, manufacturers, and other such high-profile only months apart. By then, it was dubbed RansomEXX after the string “ransom.exx” was found in its binary. In 2020, the group also started a leak site for publishing stolen data.
Incidents Caused by this Malware
- August 8, 2022: BRP Suspends Operations Following Ransomware Attack
- August 2, 2022: RansomEXX Claims Attack on Taiwanese Computer Manufacturer
- December 9, 2021: Ransomware Attack at German Supply Chain & Logistics Giant
- July 16, 2021: RansomEXX Attacks CNT Telecommunications in Ecuador
- September 23, 2020: Ransomware Attack Disrupts Tyler Technologies’ Operations.
- September 21, 2020: Ransomware Attack Disrupting Operations
- July 30, 2020: Konica Minolta hit by RansomEXX
- May 14, 2020: Texas DOT Operations Affected by Ransomware Attack
Threat Actors Known to use this Malware
No threat actors identified