Prometheus: An Emerging Ransomware Group Using Thanos Ransomware to Target Organizations

During our regular threat hunting operations, the Cyble Research team found a blog on the dark web hosted by the Prometheus ransomware group. This blog clearly indicates that the group is back in action. In the blog, the group has affiliated itself with the REvil ransomware group, as shown in Figure 1.

Figure 1: Prometheus Blog

Based on our research, Cyble researchers have found a sample of the Thanos ransomware being used by the Prometheus group for a recent ransomware attack. The technical analysis we performed on the file is shared below:

TECHNICAL ANALYSIS: …
