Rhysida Ransomware Group | 0 user ratings | 2025-10-17 10:29:41 blscott |
The Rhysida ransomware group is a ransomware-as-a-service (RaaS) operation that emerged in May 2023. It uses a \"double extortion\" model, stealing sensitive data from victims and threatening to release it unless a ransom is paid. The group is known for targeting critical infrastructure sectors and uses legitimate software tools for malicious purposes. Group operations RaaS model: Rhysida operates as a RaaS, meaning core developers lease out their tools and infrastructure to affiliates, who then carry out the attacks. Any ransom payments are split between the two parties. Target selection: The group conducts \"targets of opportunity\" attacks, compromising networks in a wide range of industries. Deceptive approach: In some cases, Rhysida actors have posed as cybersecurity experts to gain access to a victim\'s network by offering to identify security weaknesses. Ruthless tactics: The group has demonstrated a willingness to target sensitive organizations, such as hospitals and schools, which have previously been considered off-limits by other ransomware actors.
Comments | new comment |
| Nobody has commented yet. Will you be the first? | |
| Forum |
