ALPHV BlackCat Ransomware, or simply BlackCat Ransomware, is an advanced and sophisticated piece of malware written in the Rust programming language. It encrypts the data of business users and corporate networks using a combination of AES-128 (CTR mode) and RSA-2048, and then demands a large ransom in BTC or Monero for the decryption key.
Cerber Ransomware encrypts Windows and Linux machines by exploiting remote code execution vulnerabilities in Atlassian Confluence (CVE-2021-26084) and GitLab (CVE-2021-22205) servers.
Rook ransomware encrypts its victims' files with AES in ECB mode and instructs them to contact the operators at rook@onionmail.org for ransom negotiations.
Blue Locker ransomware encrypts its victims' files with AES + RSA and instructs them to contact the operators at grepmord@protonmail.com for ransom negotiations.
The BlackByte ransomware operators leverage ProxyShell Microsoft Exchange vulnerabilities for initial access along with Cobalt Strike for lateral movement.