Donex
Parsing : Enabled
Known to be a RaaS
Description
Donex is a ransomware family that emerged in early 2022 as a rebrand of the older Muse ransomware. It uses a double-extortion strategy, combining file encryption with threats to leak stolen data on a Tor-hosted portal. Written in C++, Donex encrypts files using a combination of ChaCha20 and RSA-4096 algorithms and appends a custom extension unique to each victim. The group targets a broad range of sectors, including manufacturing, logistics, and professional services, with victims reported across North America, Europe, and Asia. Initial access methods include exploitation of public-facing applications and the use of stolen RDP credentials.
External Analysis
https://www.trendmicro.com/en_us/research/22/i/new-donex-ransomware-variant.html
https://www.helpnetsecurity.com/2024/07/08/decryptor-donex-muse-darkrace-fake-lockbit-3-0/
https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-donex-muse-and-darkrace-ransomware/
Urls
http://g3h3klsev3eiofxhykmtenmdpi67wzmaixredk5pjuttbx7okcfkftqd.onion
Posts
Date | Title | Description
2024-03-08 | vdhelm | Van der Helm is a 4PL logistic service provider with a limitless passion for transport and logistics. From our offices in Den Hoor ...
2024-03-08 | PFLEET | P-Fleet is a leader in expense and payment management solutions for commercial fleets, including those with owner-operators and in ...
2024-03-08 | elsapspa | For over 50 years, Elsap has been a company dedicated to the representation and distribution of electronic and electromechanical components ...
2024-03-08 | CHOCOTOPIA | Chocotopia is a center of entertainment in the heart of Prague. You can visit here Museum of Chocolate and experience Chocolate ...
2024-03-08 | mirel | We are your partner for recruitment and selection. We visit companies with no obligation in order to ...