Cicada3301 Strikes: New Ransomware Gang Wreaks Havoc on Global Companies
Cicada3301, a new ransomware-as-a-service operation, has already victimized 19 companies worldwide. Named after a mysterious online game, Cicada3301 uses double-extortion tactics to scare victims into paying ransoms. Analysis suggests connections with the ALPHV/BlackCat group, indicating a possible rebrand.
Hot Take:
A new ransomware group named Cicada3301 is buzzing around cyberspace, and it’s ready to sting hard! With 19 victims already listed on its extortion portal, this group seems to be making a name for itself faster than you can say “cryptographic puzzle.” If you thought the original Cicada3301 from 2012-2014 was a brain teaser, wait until you meet its ransomware cousin. Spoiler: it’s not here to solve puzzles, it’s here to create them—mainly for your IT department.
Key Points:
- Cicada3301 is a new ransomware-as-a-service (RaaS) operation with 19 victims already listed on its extortion portal.
- The operation shares significant similarities with the ALPHV/BlackCat ransomware, suggesting a possible rebrand or fork.
- Truesec’s analysis indicates Cicada3301 may partner with Brutus botnet for initial network access.
- The ransomware targets both Windows and Linux/VMware ESXi systems, using the ChaCha20 encryption algorithm.
- Cicada3301 employs double-extortion tactics, threatening to leak stolen data unless the ransom is paid.