DonutLeaks is a data extortion and ransomware group that first emerged in August 2022, rapidly gaining attention for its aggressive tactics and significant data leaks. Initially operating as an affiliate for established threat groups like Hive and Ragnar Locker, DonutLeaks evolved to develop and deploy its own customized ransomware encryptor, marking a shift towards independent operations and more effective monetization of stolen data. The group's primary motivation is financial gain through double extortion, which involves stealing sensitive information and then encrypting systems or threatening to release the exfiltrated data if ransom demands are not met. What distinguishes DonutLeaks is its theatrical approach to extortion, characterized by unique graphics and humorous content in their ransom notes, and an adaptable operational model that has recently seen a trend towards focusing solely on data extortion without necessarily deploying encryption. The group is also known by the alia
MITRE ATT&CK techniques
T1059.001, T1566.001, T1027, T1486, T1070.004
RansomLook pivots
Data, intelligence and external references for cross-checking this actor's ransomware activity.
Construction of Buildings, Other Information Services, Software Publishers, Real Estate, Manufacturing, Construction, Public Administration, Oil & Gas, Educational Services, Internet Publishing