CiphBit is a financially motivated ransomware-as-a-service (RaaS) group that commenced operations in April 2023, rapidly evolving to provide tools and services to affiliate attackers. This group primarily targets small to mid-sized businesses and large organizations, particularly those within the manufacturing, healthcare, legal, insurance, telecommunications, and technology sectors, across the UK, Europe, and North America. CiphBit is distinguished by its use of double extortion tactics, including encrypting data and exfiltrating sensitive information to be published on their TOR-based leak site if ransom demands, typically in Bitcoin, are not met. The group leverages anonymization tactics in its infrastructure and communication, making definitive attribution difficult, though it is often associated with Russian-speaking or Eastern European cyber groups.

Paises afectados

URLs nuevas detectadas en IntelTracker