Tags
RansomOps
Attribution
💰Cybercrime
Incidents
Trigona targeting MSSQL serversMimic used by Trigona operators
References
https://asec.ahnlab.com/en/51343/https://twitter.com/malwrhunterteam/status/1587581807595249666
Last edited
Feb 6, 2024 9:31 AM
Status
Finalized
Cloud-fluent
Unique Tools
TrigonaMimic ransomware
The Trigona ransomware gang is known for several ransom operations, in which the Trigona malware encrypts all files on victims' devices except those in specific folders, including the Windows and Program Files directories. Before encryption, the gang also claims to steal sensitive documents that will get added to its dark web leak site.