Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A newly emerged ransomware group called Dire Wolf has been observed since May 2025, targeting multiple sectors globally with a focus on manufacturing and technology. The group employs double extortion tactics, encrypting files and threatening to publish stolen data. Analysis of a Dire Wolf ransomware sample revealed it was written in Golang and uses a combination of Curve25519 and ChaCha20 algorithms for encryption. The malware disables event logging, terminates specific processes and services, and deletes backups and recovery options. Victims are given personalized ransom notes with login details for negotiation. As of writing, 16 victims across 11 nations have been listed on the group's leak site, with the US and Thailand being the most affected.
OPENCTI LABELS :
ransomware,golang,data leak,dire wolf
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors