Grief is a ransomware group that emerged in May 2021 as a rebrand of the DoppelPaymer ransomware operation, which itself is believed to be an evolution of the BitPaymer ransomware. The group is associated with the threat actor designated as GOLD HERON and is assessed with moderate confidence to be affiliated with the Russian ransomware gang Evil Corp. Grief's primary motivation is financial gain, achieved through a multi-extortion model that encrypts victims' data and threatens its public release. A distinctive characteristic of Grief is its use of Monero cryptocurrency for ransom payments, consistent with its predecessor DoppelPaymer, and its aggressive tactic of threatening to delete decryption keys if victims engage with negotiation companies, law enforcement, or data recovery specialists.
MITRE ATT&CK techniques
T1486 (Data Encrypted for Impact), T1027 (Obfuscated Files or Information), T1489 (Service Stop), T1490 (Inhibit System Recovery)
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates, Argentina, Austria, Australia, Barbados, Belgium, Bahrain, Brazil, Canada, Switzerland
Target sectors (SOCRadar)
Construction of Buildings, Food Manufacturing, Other Information Services, Rail Transportation, Real Estate, Hospitals, Enterprises & Holding, Accommodation, Manufacturing, Construction