Hellogookie is a ransomware group that emerged in April 2024 as a rebrand of the notorious HelloKitty ransomware operation. Its creator, known by the aliases Gookee, Kapuchin0, and Guki, shut down the original HelloKitty operation in October 2023, subsequently launching HelloGookie to continue ransomware activities with updated tactics. The group's primary motivation is financial extortion, employing double and triple extortion tactics. A defining characteristic of HelloGookie is its explicit attempt to avoid direct competition and potentially collaborate with other major ransomware groups, such as LockBit, while also openly recruiting individuals for voice phishing operations. HelloGookie operates under the direct control of its developer, who has a history of collaborating with other ransomware groups like Yanluowang, and is assessed with moderate confidence to be of Ukrainian origin.

URLs nuevas detectadas en IntelTracker