crazyhunter
1 incident
1 country
1 sector
ransomware TW Latest: 2026-06-25
CrazyHunter is a financially motivated ransomware group that emerged in early 2025, known for its aggressive and highly targeted attacks primarily against organizations in Taiwan. The group distinguishes itself through its heavy reliance on open-source tools, notably the "Prince Ransomware" builder, and its use of Bring-Your-Own-Vulnerable-Driver (BYOVD) techniques for defense evasion. Although its activities had been under initial internal monitoring since January 2025, its debut was marked by a significant attack on a Taiwanese medical institution in February 2025, quickly followed by the establishment of a data leak site listing exclusively Taiwanese victims. The group's operational model emphasizes rapid compromise, data encryption, and exfiltration, and its leak site uses a structured criminal branding system that includes options for delaying data publication for a fee and offers of vulnerability remediation guides.
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
Target countries (SOCRadar)
China
Taiwan, Province of China
United States
Sectors attacked
Healthcare (1)
Target sectors (SOCRadar)
Energy & Utilities Manufacturing
Information Services
Educational Services
HealthCare & Social Assistance
Public Administration
Electrical&Electronical Manufacturing
Electrical Equipment, Appliance, and Component Manufacturing
Data Processing Services
Other Information Services
New URLs detected in IntelTracker