THREAT ACTOR: Snatch ransomware group

The Russian Snatch ransomware group uses the double extortion method; accordingly, the payload is made of ransomware and data stealer components. Threat actors use automated brute-force attacks against vulnerable applications in the target organizations. Also, the Snatch ransomware operators also use their affiliate partners to gain initial access to corporate networks.

Incidents Associated with this Threat

LnRiLWNvbnRhaW5lciAudGItY29udGFpbmVyLWlubmVye3dpZHRoOjEwMCU7bWFyZ2luOjAgYXV0b30gLndwLWJsb2NrLXRvb2xzZXQtYmxvY2tzLWNvbnRhaW5lci50Yi1jb250YWluZXJbZGF0YS10b29sc2V0LWJsb2Nrcy1jb250YWluZXI9Ijg0MzE4NmU1ZjRlNTBmNDlmZWI4OTliYzEyNDA5MjE3Il0geyBwYWRkaW5nOiAyNXB4OyB9IC53cC1ibG9jay10b29sc2V0LWJsb2Nrcy1jb250YWluZXIudGItY29udGFpbmVyW2RhdGEtdG9vbHNldC1ibG9ja3MtY29udGFpbmVyPSI4NDMxODZlNWY0ZTUwZjQ5ZmViODk5YmMxMjQwOTIxNyJdID4gLnRiLWNvbnRhaW5lci1pbm5lciB7IG1heC13aWR0aDogMTAwJTsgfSBAbWVkaWEgb25seSBzY3JlZW4gYW5kIChtYXgtd2lkdGg6IDc4MXB4KSB7IC50Yi1jb250YWluZXIgLnRiLWNvbnRhaW5lci1pbm5lcnt3aWR0aDoxMDAlO21hcmdpbjowIGF1dG99IH0gQG1lZGlhIG9ubHkgc2NyZWVuIGFuZCAobWF4LXdpZHRoOiA1OTlweCkgeyAudGItY29udGFpbmVyIC50Yi1jb250YWluZXItaW5uZXJ7d2lkdGg6MTAwJTttYXJnaW46MCBhdXRvfSB9IA==
November 30, 2021: R&D Data Breach at Volvo Cars

Malware Used by this Threat Actor

No malware identified for this threat actor.

THREAT ACTOR: Snatch ransomware group

Incidents Associated with this Threat

Malware Used by this Threat Actor

Pin It on Pinterest