📐

Trigona operator

Tags

RansomOps

Attribution

💰Cybercrime

Incidents

Trigona targeting MSSQL servers Mimic used by Trigona operators

References

https://asec.ahnlab.com/en/51343/https://twitter.com/malwrhunterteam/status/1587581807595249666

Last edited

Feb 6, 2024 9:31 AM

Status

Finalized

Cloud-fluent

Unique Tools

Trigona Mimic ransomware

The Trigona ransomware gang is known for several ransom operations, in which the Trigona malware encrypts all files on victims' devices except those in specific folders, including the Windows and Program Files directories. Before encryption, the gang also claims to steal sensitive documents that will get added to its dark web leak site.