216.73.217.80

Key Group: another ransomware group using leaked builders

· Published 01/10/2024 19:48 · Modified 01/10/2024 20:53

Export JSON

Essential information

Published
01/10/2024 19:48
Modified
01/10/2024 20:53
Tags
2024-10-01 annabelle chaos financially-motivated github hakuna matata judge/nocry leaked builders multi-stage loaders njrat persistence ransomware ruransom russian-speaking slam telegram ux-cryptor wiper xorist
Related entities
1 intrusion sets (apt), 18 techniques (mitre), 12 malware, 1 others

Description

Key Group is a financially motivated group primarily targeting Russian users. They use various leaked builders including , , , , , , , and . The group's activity has been tracked since April 2022, with their tactics evolving over time. They deliver malware through , often using repositories for distribution. Key Group employs various methods and primarily communicates with victims via . The group is suspected to be a subsidiary project of the 'huis' group, known for spam raids on channels.

External references