| https://blog.sekoia.io/vice-society-a-discreet-but-steady-double-extortion-ransomware-group |
| https://blogs.vmware.com/security/2022/09/esxi-targeting-ransomware-the-threats-that-are-after-your-virtual-machines-part-1.html |
| https://soolidsnake.github.io/2021/07/17/hellokitty_linux.html |
| https://unit42.paloaltonetworks.com/emerging-ransomware-groups/ |
| https://www.bleepingcomputer.com/news/security/linux-version-of-hellokitty-ransomware-targets-vmware-esxi-servers/ |
| https://www.crowdstrike.com/blog/hypervisor-jackpotting-ecrime-actors-increase-targeting-of-esxi-servers/ |
| https://www.esentire.com/blog/conti-affiliate-exposed-new-domain-names-ip-addresses-and-email-addresses-uncovered-by-esentire |
| https://www.govinfosecurity.com/vice-society-ransomware-gang-disrupted-spar-stores-a-18225 |
| https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself |
| https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/docs/vmw-exposing-malware-in-linux-based-multi-cloud-environments.pdf |
| https://blog.bushidotoken.net/2022/05/gamer-cheater-hacker-spy.html |
| https://blog.malwarebytes.com/threat-spotlight/2021/03/hellokitty-when-cyberpunk-met-cy-purr-crime/ |
| https://blogs.vmware.com/security/2022/09/threat-report-illuminating-volume-shadow-deletion.html |
| https://id-ransomware.blogspot.com/2020/11/hellokitty-ransomware.html |
| https://labs.sentinelone.com/hellokitty-ransomware-lacks-stealth-but-still-strikes-home/ |
| https://medium.com/proferosec-osm/static-unpacker-and-decoder-for-hello-kitty-packer-91a3e8844cb7 |
| https://twitter.com/fwosar/status/1359167108727332868 |
| https://unit42.paloaltonetworks.com/emerging-ransomware-groups/ |
| https://www.advintel.io/post/discontinued-the-end-of-conti-s-brand-marks-new-chapter-for-cybercrime-landscape |
| https://www.advintel.io/post/enter-karakurt-data-extortion-arm-of-prolific-ransomware-group |
| https://www.bleepingcomputer.com/news/security/hellokitty-ransomware-is-targeting-vulnerable-sonicwall-devices/ |
| https://www.cadosecurity.com/post/punk-kitty-ransom-analysing-hellokitty-ransomware-attacks |
| https://www.cisa.gov/uscert/ncas/alerts/aa22-249a |
| https://www.crowdstrike.com/blog/new-ransomware-variant-uses-golang-packer/ |
| https://www.databreaches.net/babuk-re-organizes-as-payload-bin-offers-its-first-leak/ |
| https://www.esentire.com/blog/conti-affiliate-exposed-new-domain-names-ip-addresses-and-email-addresses-uncovered-by-esentire |
| https://www.fireeye.com/blog/threat-research/2021/04/unc2447-sombrat-and-fivehands-ransomware-sophisticated-financial-threat.html |
| https://www.ic3.gov/Media/News/2021/211029.pdf |
| https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself |
| https://www.speartip.com/resources/fbi-hellokitty-ransomware-adds-ddos-to-extortion-arsenal/ |