DarkBit is a politically-motivated ransomware group that first emerged in early 2023, notably around February 11, with its initial observed activity targeting an Israeli technical university. While some reports attribute the group to a Russian-speaking cybercrime gang, Israeli cybersecurity officials have linked DarkBit to Iranian government-sponsored threat actors like MuddyWater, an attribution supported by the strong anti-Israel sentiments expressed in their ransom notes and social media campaigns. The group's primary motivation combines political hacktivism, branding themselves as "Hackers for Good" against racism, fascism, and apartheid, with the financial gain typical of ransomware operations. DarkBit distinguishes itself through its explicit ideological messaging, its use of social media platforms for influence operations and data leaks, and its development of a custom Golang-based ransomware that is a modified variant of LockBit. The group operates using a Ransomware-as-a-Servi

Paises afectados

Sectores atacados

URLs nuevas detectadas en IntelTracker