Russian cybercriminals release new ransomware

The pro-Russia hacktivist group CyberVolk has reemerged with a new ransomware-as-a-service platform called VolkLocker, supporting both Linux and Windows systems. First documented in 2024 by SentinelOne, the group returned after a period of inactivity caused by Telegram bans. Despite advanced automation via Telegram bots, the malware features significant encryption flaws that could allow victims to recover files without payment.

December 13, 2025 በAI የተዘገበ

SentinelOne researchers have disclosed a critical flaw in CyberVolk's new VolkLocker ransomware-as-a-service: a hardcoded master key stored in plaintext, enabling victims to decrypt files without ransom payment. Following the group's August 2025 relaunch after Telegram bans, this weakness underscores quality issues in their RaaS ecosystem.

Pro-Russian hackers known as Curly COMrades are exploiting Microsoft's Hyper-V technology to embed lightweight Alpine Linux virtual machines within compromised Windows systems. This tactic allows them to run custom malware like CurlyShell and CurlCat undetected by traditional endpoint detection tools. The campaign, uncovered by Bitdefender in collaboration with the Georgian CERT, targets organizations in Europe and beyond.

January 24, 2026 በAI የተዘገበ

Researchers have attributed a failed cyberattack on Poland's electric grid to Russian state hackers, coinciding with the 10th anniversary of a similar assault on Ukraine. The wiper malware aimed to disrupt power distribution but did not succeed in knocking out electricity. Security firm ESET linked the incident to the notorious Sandworm group.

Following initial arrests reported last week, Spanish authorities have charged four more suspects in Denmark, fully dismantling a criminal network behind the April kidnapping and murder of a crypto holder near Málaga. The operation highlights rising 'wrench attacks' on digital asset owners.

January 08, 2026 በAI የተዘገበ

After a record 2025 for wrench attacks on cryptocurrency holders, as previously analyzed, experts forecast further increases in 2026. These physical coercions to steal digital assets are underreported amid law enforcement challenges and surging crypto adoption, warns TRM Labs.