Key Group uses leaked builders of ransomware and wipers
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
Key Group, also known as keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group has been active since 2022, using various leaked ransomware builders and wipers, including Xorist, Chaos, Annabelle, Slam, RuRansom, UX-Cryptor, Hakuna Matata, and Judge/NoCry. They distribute their malware through phishing emails and GitHub repositories, often using multi-stage loaders. Key Group employs various persistence methods and primarily communicates with victims via Telegram. The group is suspected to be a subsidiary project of the Russian-speaking 'huis' group, known for conducting spam raids on Telegram channels. Key Group's use of publicly available ransomware builders highlights a growing trend among cybercriminal groups.
OPENCTI LABELS:
phishing, ransomware, telegram, njrat, wiper, persistence, chaos, slam, hakuna matata, annabelle, ruransom, ux-cryptor, multi-stage loaders, leaked builders, russian-speaking, judge/nocry, xorist