ragnarlocker.jpg?profile=RESIZE_400xUS federal authorities first became aware of RagnarLocker in April 2020 and subsequently produced a cyber report to disseminate known indicators of compromise (IOCs) at that time.  The linked report provides  updated and additional IOCs to supplement that report.  As of January 2022, analysts have identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government, and information technology sectors.  RagnarLocker ransomware actors work as part of a ransomware family, frequently changing obfuscation techniques to avoid detection and prevention.

Thanks to the US Federal Bureau of Investigation for providing this valuable information.  Link to full TLP WHITE report (with indicators): flash_ragnarlocker_ransomware.pdf

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance