CrazyHunter Campaign Targets Taiwanese Critical Sectors www.trendmicro.com/en_us/res…

CrazyHunter has quickly emerged as a serious ransomware threat. The group introduced itself in the past month by opening a data leak site, where it posted ten victims, all located in Taiwan. This report introduces the tactics, techniques, and procedures (TTPs) used by CrazyHunter. It highlights the group's use of Bring Your Own Vulnerable Driver (BYOVD) and of open-source tools available on GitHub, such as the Prince ransomware builder. Recent findings indicate that CrazyHunter has expanded its toolset, modified the tools it initially used, and improved its capabilities.
