diavol
1 incidents
0 countries
0 sectors
ransomware RU Latest: 2026-06-25
Diavol is a ransomware group that first emerged in May 2021, closely linked to the cybercrime organization Wizard Spider, also known as the Trickbot Group. Initially, there was some ambiguity regarding its data exfiltration capabilities, but it was later confirmed that the group does steal data from victims. Its primary motivation is financial gain through ransomware attacks and double extortion. Diavol distinguishes itself by utilizing user-mode Asynchronous Procedure Calls (APCs) with an asymmetric encryption algorithm, a method slower than typical symmetric algorithms, and by storing its core routines within bitmap images to complicate analysis. The group is notable for its willingness to negotiate ransom demands, which typically range from $10,000 to $500,000, often accepting lower payments compared to other prominent ransomware operations. The group operates under aliases such as LockMainDIB and Enigma, clarifying its distinct, albeit connected, identity within the broader cybercr
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
Target countries (SOCRadar)
India
Russian Federation
Ukraine
United States
Target sectors (SOCRadar)
Other Information Services
Software Publishers
Manufacturing
Construction
Public Administration
Educational Services
Energy & Utilities
Insurance
Periodical Publishers
Data Processing, Hosting, and Related Services
New URLs detected in IntelTracker