Introduction
The ransomware was identified in early April 2023 and is said to target English-speaking users and potentially other languages. The extension added to encrypted files is: “.m9SRob” (potentially random). The ransom note is named “m9SRob-README.txt”. There are no further details about the mentioned group or potentially files. The fact is that it adds an ID for each victim.
Activities and Tactics
Information pending cataloguing.
Notable Campaigns
Information pending cataloguing.
Tactics, Techniques, and Procedures (TTPs)
Information pending cataloguing.
Notable Indicators of Compromise (IOCs)
No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.
Malware and Tools
Information pending cataloguing.
Attribution and Evidence
Information pending cataloguing.
References
References pending cataloguing.