Security News > 2022 > September > New Royal Ransomware emerges in multi-million dollar attacks
A new ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million.
Royal, aka Royal Zeon, is a relatively new operation that launched in June 2022 and consists of a group of vetted and experienced ransomware actors from previous operations.
Unlike most active ransomware operations, Royal does not operate as a Ransomware-as-a-Service but is instead a private group without affiliates.
Since the middle of September 2022, the ransomware gang has switched to the 'Royal' alias and began using that name in ransom notes generated by a new encryptor.
Since June, the Royal Zeon operation has been operating in the shadows, not using a data leak site and keeping news of their attacks quiet.
The Tor negotiation site is nothing special, simply containing a chat screen where a victim can communicate with the Royal ransomware operators.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)