Grupo Ransomware: underground
Perfil del grupo segun ransomware.anggipradana.com.
| Campo | Valor |
|---|---|
| Alias | |
| Pais | |
| Estado |
Descripcion
Underground ransomware is deployed by the Russia-based RomCom group (Storm-0978) and has victimized companies across multiple industries since July 2023 by exploiting CVE-2023-36884, encrypting files without changing extensions and deleting Volume Shadow Copies and Windows event logs in double-extortion campaigns.