THREAT ANALYSIS: Beast Ransomware

SUMMARY :

The Beast Ransomware group, active since 2022, offers a Ransomware-as-a-Service (RaaS) platform with constant updates. It supports Windows, Linux, and ESXi systems, providing affiliates with customizable binary options. Beast employs advanced encryption methods, including Elliptic-curve and ChaCha20, and features multithreaded file encryption, process termination, shadow copy deletion, and subnet scanning. The ransomware avoids encrypting data in CIS countries and uses SMB scans for self-propagation. It targets various file formats and creates a unique mutex to prevent multiple instances. The Cybereason Defense Platform offers advanced detection and prevention features against Beast Ransomware.

OPENCTI LABELS :

linux,windows,esxi,raas,encryption,file-targeting,multithreading,beast ransomware,self-propagation,geofencing,monster


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


THREAT ANALYSIS: Beast Ransomware