Knight is a ransomware-as-a-service (RaaS) operation that emerged in July 2023, representing a rebrand and evolution of the earlier Cyclops ransomware, also known as Cyclops 2.0. The group operates with a clear financial motivation, employing multi-extortion tactics to pressure victims into paying ransoms. A distinguishing feature of Knight is its offering of both normal and 'lite' versions of its payloads, designed to cater to various attack scales. The RaaS program provides affiliates with a builder, expanded toolsets, and panel access to create payloads and manage campaigns, often incorporating unique features like personalized support and distinct TOR domains for each target. The group's alleged origin is Russia and Europe, though this is based on their own claims of being a team of four individuals. Knight is commonly referred to by its former alias, Cyclops, and its source code was later sold in February 2024, leading to the emergence of the RansomHub ransomware, which is believe

URLs nuevas detectadas en IntelTracker