THREAT ACTOR: Pandora
Pandora ransomware is a new operation launched in March 2022 that targets corporate networks and steals data for double-extortion attacks.
Once they gain access to a network, the threat actors will spread laterally through a network while stealing unencrypted files to be used in extortion demands.
When encrypting a device, the ransomware will append the .pandora extension to encrypted files names.
Incidents Associated with this Threat
- March 10, 2022: Auto Parts Supplier Suffers Ransomware Attack
Malware Used by this Threat Actor
No malware identified for this threat actor.