Trigona ransomware attacks use custom exfiltration tool to steal data

The Trigona ransomware gang is employing a custom exfiltration tool, named uploader_client.exe, to steal data more efficiently and evade security detection. This tool facilitates faster data theft through simultaneous connections and connection rotation, and it has been observed in recent attacks alongside other tools designed to disable security software and steal credentials.