Dark Angels Exposed

SUMMARY :

The Dark Angels ransomware group, active since April 2022, operates with sophisticated strategies targeting large companies for substantial ransom demands. They focus on stealthy attacks, avoiding outsourcing to third-party brokers. The group uses various ransomware payloads, including Babuk and Read the Manual (RTM) Locker for Windows, and a RagnarLocker variant for Linux/ESXi systems. Dark Angels emphasizes data theft over file encryption, often demanding payment to prevent data leaks. Their tactics include network infiltration, lateral movement, and selective ransomware deployment based on potential business disruption. The group has claimed a record $75 million ransom payment and operates a data leak site called Dunghill Leak.

OPENCTI LABELS :

ransomware,data exfiltration,raas,babuk,cve-2023-22069,ragnarlocker


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Dark Angels Exposed