RedAlert is a ransomware group that emerged in February 2022, also known as N13V, and is strongly associated with the Nokoyawa ransomware family. The group primarily targets businesses and critical infrastructure, employing double extortion tactics to encrypt sensitive data and pressure victims into paying ransoms by threatening to leak exfiltrated information. A distinguishing characteristic of RedAlert is its use of the uncommon NTRUEncrypt cryptographic algorithm for encryption, also seen in FiveHands ransomware. The group has shown an adaptive nature, with the Nokoyawa variant initially written in C and later rewritten in Rust by September 2022 to enhance performance and evasion capabilities. Its primary motivation is financial gain through these ransomware operations.
MITRE techniques
T1059.001, T1078, T1486, T1569.002
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates; Argentina; Austria; Bolivia, Plurinational State of; Brazil; Chile; China; Spain; Finland; France
Target sectors (SOCRadar)
Construction of Buildings, Food Manufacturing, Other Information Services, Software Publishers, Hospitals, Enterprises & Holding, Manufacturing, Construction, Public Administration, Educational Services