Cyclops emerged in May 2023 as a Ransomware-as-a-Service (RaaS) operation, notable for developing cross-platform ransomware capable of infecting Windows, Linux, and macOS systems, and later expanding to ESXi and Android. The group rebranded to 'Knight' in August 2023, offering updated versions and recruiting new affiliates. Assessed with moderate confidence, the group claims to originate from Russia and Europe, driven by financial motivations. What sets Cyclops/Knight apart is its dual offering of ransomware and a separate information stealer, alongside its rapid evolution and a rebranding strategy that ultimately saw its codebase sold and its affiliates migrate to successor operations like RansomHub.
MITRE techniques
T1059, T1071.001, T1105, T1486, T1562.001
RansomLook pivots
Data, intelligence, and external references for cross-checking the actor's ransomware activity.