Skip to Content

Cheerscrypt ransomware

Updated on 2022-10-05: Chinese ransomware group

In a report published on Tuesday, French security firm Sygnia said it linked the Cheerscrypt and Night Sky ransomware strains to Emperor Dragonfly, a China-based threat actor. Read more: REVEALING EMPEROR DRAGONFLY: NIGHT SKY AND CHEERSCRYPT – A SINGLE RANSOMWARE GROUP

“Emperor Dragonfly – also known as DEV-0401, and BRONZE STARLIGHT – is a Chinese ransomware group that started operating in mid-2021. Unlike other ransomware groups, Emperor Dragonfly does not operate in an affiliate model and refrain from purchasing initial access from other threat actors. Instead, they manage all stages of the attack lifecycle on their own. The group often rebrand their ransomware payloads, which helps them stay under the radar and avoid sanctions – as they have the appearance of being several, smaller ransomware groups.”

Updated on 2022-10-04

Cybersecurity firm Sygnia linked activities involving Linux-based ransomware strain Cheerscrypt to a Chinese cyberespionage group known as Bronze Starlight or DEV-0401, or Emperor Dragonfly. Read more: Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers

Overview: Cheerscrypt ransomware

Trend Micro has published a report on Cheerscrypt, a new strain of Linux ransomware used to encrypt data on VMWare ESXi servers.

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.