H0lyGh0st Ransomware Group

Also known as: H0lyGh0st Ransomware Group

H0lyGh0st is a North Korea-based ransomware-focused threat actor group.[H0lyGh0st - North Korean Threat Group Strikes Back With New Ransomware]

Introduction

H0lyGh0st is a North Korea-based ransomware-focused threat actor group.[H0lyGh0st - North Korean Threat Group Strikes Back With New Ransomware]

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • gh0st:
  • Back Orifice:
  • Back Orifice 2000:
  • Gh0st RAT:

Attribution and Evidence

Information pending cataloguing.

References

[1] [H0lyGh0st - North Korean Threat Group Strikes Back With New Ransomware