Saturday, June 14, 2025
HomeCyber AttackNew Ransomware that Threatens Companies to Pay Ransom Within 3 days Else...

New Ransomware that Threatens Companies to Pay Ransom Within 3 days Else they Leak Data

Published on

SIEM as a Service

Follow Us on Google News

The threat actor group behind new ransomware dubbed “Egregor” targets companies to steal sensitive data and then encrypt all the files.

Researchers from Appgate, discovered the ransomware, according to their code analysis the ransomware found to be the spinoff of the Sekhmet ransomware.

Egregor Ransomware Targets

The ransomware group targets companies worldwide including the global logistic company GEFCO, according to their advisory at least 13 different companies were infected.

- Advertisement - Google News

The threat actors behind the ransomware hacking into companies network and steals the sensitive data, once the data exfiltrated they encrypt all the files.

According to the ransom note “if the ransom is not paid by the company within 3 days, and aside from leaking part of the stolen data, they will distribute via mass media where the company’s partners and clients will know that the company was attacked.”

The developers behind the ransomware followed many code obfuscation methods to pack the payloads and it will get decrypted only if the correct decryption key is provided.

Attackers follow this method to avoid manually or sandbox analysis, also the group has an “Egregor news” website, hosted on the deep web to leak stolen data.

“Egregors’ ransom note also says that aside from decrypting all the files in the event the company pays the ransom, they will also provide recommendations for securing the company’s network, “helping” them to avoid being breached again, acting as some sort of black hat pentest team.”

Ransomware attack is quite common nowadays since Malicious software spreading everywhere through various mediums. The cybercriminals that use it are looking to do one thing, extort your money.

You can also read the complete ransomware mitigation checklist

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...