Nefilim, also known as Nephilim, emerged in early 2020 as a ransomware group specializing in double extortion, a tactic involving both file encryption and data exfiltration with threats to publish stolen information. This group evolved from the Nemty ransomware family, adopting and modifying its codebase while discontinuing the Ransomware-as-a-Service model to focus on more targeted attacks and direct email communication for ransom negotiations. Nefilim distinguishes itself by primarily targeting high-revenue organizations, often with annual revenues exceeding $100 million, and employs tailored ransom demands to maximize financial gain. The group's primary motivation is financial, achieved by pressuring victims through data exposure on dedicated leak sites if ransoms are not paid.

URLs nuevas detectadas en IntelTracker