Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks www.trendmicro.com/en_us/res…

In this blog entry, Trend Micro analyzes the Crypto24 ransomware to offer insights into its operator’s ongoing attack campaigns. Their analysis reveals that the threat actor operates with a high level of coordination, frequently launching attacks during off-peak hours to evade detection and maximize impact. Crypto24 has been targeting high-profile entities within large corporations and enterprise-level organizations.

The scale and sophistication of recent attacks indicate a deliberate focus on organizations possessing substantial operational and financial assets. The group has concentrated its efforts on organizations in Asia, Europe, and the USA, with targets spanning the financial services, manufacturing, entertainment, and technology sectors.