The Beast Ransomware Hidden in the GUI
The Beast ransomware group is a group that evolved from the Monster ransomware strain. They emerged as a Ransomware-as-a-Service (RaaS) in February 2025, and officially launched their Tor-based data leak site in July. As of August 2025, they have publicly disclosed 16 victim organizations from the United States, Europe, Asia,
Analysis of Gunra Ransomware Using Vulnerable Random Number Generation Function (Distributed for Linux Environments in ELF Format)
The Gunra ransomware group, which began its activities in April 2025, has been launching continuous attacks against various industries and companies around the world. Cases of damage have been reported in Korea as well. The distributed Gunra ransomware is available in two formats: an EXE file format for Windows environments
Analysis on the Qilin Ransomware Using Selective Encryption Algorithm
Recently, Qilin ransomware has been launching continuous attacks on companies in various countries and industries around the world, and cases of damage have also been identified in South Korea. This post analyzes the key features and encryption methods of Qilin ransomware, as well as the technical reasons why decryption is
Dire Wolf Ransomware: Threat Combining Data Encryption and Leak Extortion
DireWolf Ransomware Group The DireWolf ransomware group made their first appearance in May 2025. On May 26 of the same month, they disclosed their first 6 victims on a darknet leak site, marking the beginning of their full-fledged activities. The group stated that their only goal is money and contacts
