Donex
Compare
Parsing: enabled
Known RaaS
Description
Donex is a ransomware family that emerged in early 2022 as a rebrand of the older Muse ransomware. It uses a double-extortion strategy, combining file encryption with threats to leak stolen data on a Tor-hosted portal. Written in C++, Donex encrypts files using a combination of ChaCha20 and RSA-4096 algorithms and appends a custom extension unique to each victim. The group targets a broad range of sectors, including manufacturing, logistics, and professional services, with victims reported across North America, Europe, and Asia. Initial access methods include exploitation of public-facing applications and the use of stolen RDP credentials.
External Analysis3
| External Analysis |
|---|
| https://www.trendmicro.com/en_us/research/22/i/new-donex-ransomware-variant.html |
| https://www.helpnetsecurity.com/2024/07/08/decryptor-donex-muse-darkrace-fake-lockbit-3-0/ |
| https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-donex-muse-and-darkrace-ransomware/ |
Urls1
| Url | ||||
|---|---|---|---|---|
| http://g3h3klsev3eiofxhykmtenmdpi67wzmaixredk5pjuttbx7okcfkftqd.onion | Down |
|
Activity (interactive) 5
Posts5
| Date | Title | Description | Screen |
|---|---|---|---|
| vdhelm | Van der Helm is a 4PL logistic service provider with a limitless passion for transport and logistics. From our offices in Den Hoor ... |
|
|
| PFLEET | P-Fleet is a leader in expense and payment management solutions for commercial fleets, including those with owner-operators and in ... |
|
|
| elsapspa | Da oltre 50 anni, Elsap è un’impresa dedita alla rappresentanza e alla distribuzione di componenti elettronici ed elettromeccanici ... |
|
|
| CHOCOTOPIA | Chocotopia is a center of entertainment in the heart of Prague. You can visit here Museum of Chocolate and experience Chocolate ... |
|
|
| mirel | Nous sommes votre partenaire en matière de recrutement et de sélection. Nous nous déplaçons sans engagement en entreprise afin de ... |
|