The PolySwarm Blog

Related Families: LockBit 3.0
Verticals Targeted: Media, Insurance, Legal Services, Healthcare, Retail, Software, Construction, Manufacturing, Real Estate, Education, Government 

Executive Summary

BrainCipher ransomware, which was first observed in June 2024, is an emerging threat. BrainCipher is based on the leaked LockBit 3.0 builder and is functionally similar to LockBit 3.0.  

Related Families: LockBit 3.0, Conti
Verticals Targeted: Business Services, Construction, Retail, Telecommunications, Manufacturing, Mining, Government, Healthcare, Transportation, Energy, Software, Education 

Executive Summary

DragonForce is a ransomware as a service (RaaS) that has significantly evolved in the past year, making it a formidable threat.

Related Families: LockBit, LockBit 3.0
Verticals Targeted: Multiple 

Executive Summary

CYFIRMA recently reported on Exfiltrator-22, also known as EX-22, a new post-exploitation framework capable of spreading ransomware while evading detection.

Key Takeaways

• Exfiltrator-22, also known as EX-22, is a new post-exploitation framework capable of spreading ransomware while evading detection. 
• Exfiltrator-22, which is a framework-as-a-service, is designed to primarily target corporate networks.
• Analysts at CYFIRMA have linked Exfiltrator-22 to former LockBit 3.0 affiliates.

Executive Summary

Cluster25 recently reported on Lockbit 3.0, the latest version of Lockbit ransomware. Version 3.0 includes new features and a ransomware bug bounty program.