The Infamous Ransomware Dark Angel Victim:
Nexperia in a recent cyber attack, raising concerns about cybersecurity vulnerabilities. To stay ahead of emerging threats, fortify your online security with the HookPhish Dark Web Monitoring platform. Explore HookPhish Dark Web Monitoring.
| Victim Name | Nexperia |
| Screenshots of Files Available | YES |
| Detailed List of Files and content available? | N/A |
| Post Date | April 10, 2024 |
| Download Links to Exfiltrated Data Dump Files? | N/A |
The use of any indicators of compromise (IOCs) or information obtained through cybersecurity research for any purpose other than cybersecurity is not condoned by HookPhish. Any links or references to anything potentially sensitive are being shared for cybersecurity purposes only and are not intended to promote or facilitate any illegal activities. Always consider the potential legal and ethical implications of your actions utilising this information.
Dark Angels Ransomware Group
The Dark Angels ransomware group is a cybercriminal organization that emerged in May 2022. They are known for their double extortion tactics, which involve not only encrypting the victim’s files but also stealing data and demanding payment to prevent its release. The group’s code for Windows-focused payloads is derived from the leaked Babuk builders, with nearly identical features. In late 2023, they developed payloads targeting Linux/ESXi systems, which are not derived from Babuk but have a bespoke codebase similar to RagnarLocker. Dark Angels has targeted various industries, including healthcare, government, finance, and education. In September 2023, they attacked Johnson Controls, an automation and manufacturing company, and locked their VMWare ESXi servers. Detection of Dark Angels ransomware requires a combination of technical and operational measures to identify suspicious network activity. SentinelOne’s Singularity XDR Platform can identify and stop activities related to Dark Angels ransomware.
Citations:
- [1] https://www.sentinelone.com/anthology/dark-angels-team-ransomware/
- [2] https://www.sentinelone.com/blog/dark-angels-esxi-ransomware-borrows-code-victimology-from-ragnarlocker/
- [3] https://www.bleepingcomputer.com/news/security/building-automation-giant-johnson-controls-hit-by-ransomware-attack/
Disclaimer: HookPhish does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any files or stolen information. Any legal concerns regarding the content should be directed at the attackers, not HookPhish. This blog is dedicated to posting editorial news, alerting readers about companies falling victim to ransomware attacks. HookPhish has no affiliation with ransomware threat actors or groups, and it does not host infringing content. The information on this page is automatically generated and redacted, sourced directly from the Onion Dark Web Tor Blogs pages.