The CACTUS ransomware group employs unique encryption techniques, including hiding the decryption key within a file named ntuser.dat, to evade detection by anti-virus software.

Unraveling the CACTUS Ransomware Group’s Recent Exploits

The CACTUS ransomware group has targeted two new victims, Astro Lighting and Orthum Bau, in their latest cyberattacks. The motive behind these attacks is unclear, but both companies seem to be operating normally despite the alleged attacks. The CACTUS group has been active for several months and uses various tactics to infiltrate networks, including exploiting VPN vulnerabilities and using custom scripts. Their encryption method involves hiding a decryption key in a file named ntuser.dat. The group also utilizes tools like Cobalt Strike and Chisel for command and control.

Back to Home


  • No comments yet.