secp0 is a ransomware group that first emerged in February 2025, operating as a Ransomware-as-a-Service (RaaS) platform. Initially mistaken for a novel extortion model involving vulnerability disclosure, the group quickly clarified that its operations are conventional double-extortion ransomware. Its primary motivation is financial gain, achieved by encrypting victim data and threatening public disclosure on its dedicated leak sites. A distinguishing characteristic of secp0 is its focus on targeting Linux systems and ESXi environments, using custom ELF binaries for its ransomware operations. The group paused publications in May 2025 to develop a software solution, believed to be the World Leaks platform, aimed at streamlining the publication of large datasets.
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.