darkangels

1 incident | 0 countries | 0 sectors | ransomware | RU | Latest: 2026-06-25
Aliases: Dunghill Leak
Dark Angels is a financially motivated ransomware group that first launched attacks in April 2022, although its logo claims formation in 2021. The group has evolved from using Babuk-derived ransomware in its early operations to incorporating variants like RTM Locker and RagnarLocker for Windows and Linux/ESXi systems by mid-2023. Assessed with high confidence to operate from Russian-speaking regions, Dark Angels' primary motivation is significant financial gain through targeted extortion. What distinctly sets this group apart is its independent, "big game hunting" approach, focusing on a limited number of high-value enterprises rather than employing a widespread affiliate model. This strategy allows them to secure record-breaking ransoms, including a documented $75 million payment in 2024, while often minimizing public attention by selectively deploying encryption based on the potential for business disruption, frequently prioritizing massive data theft.
MITRE techniques
T1059.001, T1078, T1486, T1566.001

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Target countries (SOCRadar)

American Samoa, Brazil, Canada, China, Germany, France, United Kingdom, Italy, Japan, Mexico

Target sectors (SOCRadar)

Construction of Buildings; Food Manufacturing; Other Information Services; Software Publishers; Air Transportation; Manufacturing; Construction; Electrical Equipment, Appliance, and Component Manufacturing; Public Administration; Educational Services

New URLs detected in IntelTracker

ransomware.anggipradana.com