Nemty emerged in August 2019 as a Ransomware-as-a-Service (RaaS) offering, notably featuring an exclusion mechanism for encrypting systems within specific Commonwealth of Independent States (CIS) countries like Russia, Belarus, Kazakhstan, Tajikistan, and Ukraine. Instead of encryption, it sends system data from these regions back to the operators, suggesting a potential Russian-speaking origin for the group. Initially, Nemty garnered attention due to some artifacts observed in its distribution methods that bore resemblance to Sodinokibi and GandCrab, though direct ties were not definitively established. In April 2020, the Nemty RaaS publicly announced its shutdown, transitioning to a more private and exclusive operational model. This shift followed the release of several decryptors for earlier versions of their ransomware and the emergence of Nefilim ransomware, which shares substantial code with Nemty, indicating a possible acquisition of Nemty's code base rather than a direct evolut

URLs nuevas detectadas en IntelTracker