February 19, 2025 By Tushar Subhra Dutta
The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat research team.
This financially motivated group, active since at least 2023, leverages leaked ransomware builders to target Windows systems globally.
Recent attacks showcase advanced anti-analysis techniques designed to evade detection. These methods make it difficult for security researchers to track and analyze the malware.
In addition to technical measures, researchers at SonicWall noted that the attackers use psychological pressure tactics to intimidate victims and pressure them into making cryptocurrency payments, increasing the effectiveness of their extortion schemes.
