Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t

[[correlate]]

Content source

https://www.sentinelone.com/labs/spook-ransomware-prometheus-derivative-names-those-that-pay-shames-those-that-dont/

There is some indication that Spook is either linked to, or derived from, Prometheus ransomware. Prometheus is itself an evolution of Thanos ransomware. However, it is important to note that since Thanos ransomware had a builder which was leaked, any real attempts at attribution based solely on the malware’s code is somewhat futile. Even so, there are a few notable similarities between Spook, Prometheus, and ultimately Thanos.

Spook Ransomware | Prometheus Derivative Names Those That Pay, Shames Those That Don’t

New ransomware operator publishes victim details even if they pay. Our technical analysis shows how Spook is connected to other well-known malware families.

www.sentinelone.com