Pay2Key's Resurgence: Iranian Cyber Warfare Targets the West

NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:

Pay2Key, an Iranian-backed ransomware-as-a-service operation, has re-emerged as Pay2Key.I2P, targeting Western organizations. Linked to the Fox Kitten APT group and collaborating with Mimic ransomware, the campaign has collected over $4 million in ransom payments in four months. The group offers an 80% profit share to affiliates supporting Iran or attacking its enemies, blending financial motivations with geopolitical objectives. Pay2Key.I2P employs sophisticated evasion techniques, including anti-analysis checks and obfuscation methods. The operation's strategic marketing on darknet forums and social media platforms indicates a planned rollout, and the addition of Linux-targeted ransomware expands its attack surface.

OPENCTI LABELS:

ransomware, mimic, raas, evasion techniques, cyber warfare, pay2key, fox kitten


Open in the NetmanageIT OpenCTI public instance with the link below.

NOTE: Use the public read-only username and password shown on the login page banner.

Pay2Key's Resurgence: Iranian Cyber Warfare Targets the West