Enterprises across the United States and Europe are on high alert as a new ransomware strain, dubbed “DoNex,” has been actively compromising companies and claiming victims.
This emergent threat has cybersecurity experts working overtime to understand the attack’s full scope and develop countermeasures.
The DoNex ransomware group has made its presence known by listing several companies as its victims on their dark web portal, accessible via the Onion network.
The group’s tactics are particularly insidious, employing a double-extortion method.
This not only involves the encryption of files, which are then appended with a unique.
VictimID extension, but also the exfiltration of sensitive data, holding it hostage to leverage additional pressure on the victims to pay the ransom.
Affected companies have discovered ransom notes named Readme.VictimID.txt on their systems, which instruct them to establish contact with the DoNex group through Tox messenger, a peer-to-peer instant messaging service known for its security and anonymity features.
Malware analysis can be fast and simple. Just let us show you the way to:
The use of Tox indicates an attacker’s preference for secure communication channels, making it more challenging for law enforcement to track and intercept.
Broadcom recently spotted the emergence of a new ransomware actor, self-dubbed “DoNex,” which was detected in the wild during March.
Currently, the exact methods DoNex uses to infiltrate enterprise systems remain a mystery.
Cybersecurity teams diligently monitor the situation and conduct thorough investigations to uncover the group’s modus operandi.
Understanding the attack vectors is crucial for preventing further incidents and developing effective defense strategies.
A recent tweet by HackManac reported the emergence of a new ransomware group called Donex.
This group has already leaked data from 5 companies on their website.
Symantec, a leader in cybersecurity solutions, has identified protections against the DoNex ransomware through its products.
Symantec’s systems detect the threat in two ways:
The rise of the DoNex ransomware is a stark reminder of the evolving threat landscape.
Enterprises are advised to stay vigilant, ensure their security systems are up to date, and educate their employees on the risks of ransomware.
Regular backups and a robust incident response plan are also critical in mitigating the impact of such attacks.
As the situation develops, cybersecurity firms and law enforcement agencies are expected to issue further updates and advisories.
It is imperative for companies to monitor these communications and to collaborate with the cybersecurity community to defend against these and future ransomware threats.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
In a significant development, the Trump administration is reportedly formulating a plan to prevent a…
IBM has announced the resolution of several security vulnerabilities affecting its IBM Security Directory Integrator…
A new security vulnerability has been uncovered in Apache Solr, affecting versions 6.6 through 9.7.0.…
A cybersecurity researcher recently disclosed several critical vulnerabilities affecting Git-related projects, revealing how improper handling…
Researchers from IIT Kharagpur and Intel Corporation have identified a significant security vulnerability in Intel…
Burp Suite 2025.1, is packed with new features and enhancements designed to improve your web…