OnePercent is a financially motivated ransomware group that emerged in November 2020, known for its double extortion tactics against US companies. The group's name derives from its unique 'one percent leak' tactic, where it releases a small portion of exfiltrated data as proof before escalating extortion efforts. OnePercent operates as a ransomware-as-a-service affiliate, partnering with other prominent ransomware operations such as REvil (Sodinokibi), Maze, and Egregor, often leveraging their data leak sites for auctions if ransoms are not paid. The group is distinguished by its direct and persistent communication with victims, including follow-up calls and emails using spoofed numbers, maintaining network access for up to a month to thoroughly exfiltrate data before deploying ransomware.

Paises afectados

URLs nuevas detectadas en IntelTracker