PLAY Ransomware Group Added Six New Organizations to its Victim List
In the latest cyberattacks by PLAY, six organizations in the United States, United Kingdom, and Norway have been targeted. The PLAY ransomware group, known for targeting small and medium-sized businesses, infiltrates organizations using various techniques such as exploiting vulnerabilities and leveraging exposed RDP servers. Once inside, they encrypt files and threaten to expose sensitive data for double extortion. The group has recently incorporated new tools and exploits into their arsenal. There are indications of affiliation between PLAY ransomware and other ransomware families, and similarities have been found with the Quantum ransomware group. The information provided in this report is for reference purposes only and users are responsible for relying on it.