Cicada3301

Cicada3301 has emerged as a new RaaS operation targeting multiple companies, with a particular focus on VMware ESXi systems. By leveraging a variant of ransomware written in Rust, similar to the defunct BlackCat/ALPHV group's tools, Cicada3301 causes significant disruption to the targeted organizations. The breach involves encrypted files, primarily documents and pictures, leading to potential loss of sensitive and proprietary data. The ransomware also targets Linux systems and exhibits flexibility in operation through various configurable parameters. The impact includes potential operational downtime, financial losses due to ransom demands, and reputational damage resulting from the compromise and publication of victim data on Cicada3301's extortion portal.

Source: https://securityaffairs.com/167897/cyber-crime/a-new-variant-of-cicada-ransomware-targets-vmware-esxi-systems.html

"id": "cic004090624",
"linkid": "cicada-partners",
"type": "Ransomware",
"date": "9/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"