Threat Actor

Pandora ransomware is a new operation launched in March 2022 that targets corporate networks and steals data for double-extortion attacks.
Once they gain access to a network, the threat actors will spread laterally through a network while stealing unencrypted files to be used in extortion demands.
When encrypting a device, the ransomware will append the .pandora extension to encrypted files names.

Incidents Associated with this Threat

Malware Used by this Threat Actor

No malware identified for this threat actor.