Adhubllka ransomware

Summary

A new ransomware variant has emerged as part of the Adhubllka ransomware family, targeting individuals and small enterprises with smaller ransom demands to evade media attention. The ransomware spreads via phishing emails and employs a victim portal on Tor for decryption key delivery after ransom payment. Adhubllka has been previously mislabeled and associated with various aliases, used by threat groups like TA547 in campaigns targeting diverse sectors. Researchers anticipate potential rebranding of the Adhubllka family and its adoption by other cybercriminal groups. This underscores the need for robust endpoint security measures to combat evolving ransomware threats effectively.