AtomSilo is a ransomware group that first emerged in September 2021 and was initially observed to cease operations by year-end 2021, only to reemerge with activity reported in February 2026. The group operates with a double extortion model, primarily driven by financial gain, where they encrypt victim data and threaten to leak exfiltrated sensitive information. AtomSilo is assessed with high confidence to be linked to the Chinese state-sponsored actor BRONZE STARLIGHT, also known as Cinnamon Tempest, DEV-0401, Emperor Dragonfly, and SLIME34. This attribution suggests that its ransomware activities may serve as a smokescreen for espionage-driven data theft, distinguishing it from purely financially motivated groups. The group is notable for its rapid exploitation of recently disclosed vulnerabilities for initial access and its close operational and structural resemblances to the LockFile ransomware.

Paises afectados

Sectores atacados

URLs nuevas detectadas en IntelTracker