惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Jina AI
Jina AI
宝玉的分享
宝玉的分享
Last Week in AI
Last Week in AI
Help Net Security
Help Net Security
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
人人都是产品经理
人人都是产品经理
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
GbyAI
GbyAI
博客园_首页
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
MongoDB | Blog
MongoDB | Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LINUX DO - 最新话题
PCI Perspectives
PCI Perspectives
博客园 - 三生石上(FineUI控件)
V2EX - 技术
V2EX - 技术
Spread Privacy
Spread Privacy
T
Tor Project blog
量子位
阮一峰的网络日志
阮一峰的网络日志
S
SegmentFault 最新的问题
小众软件
小众软件
博客园 - 叶小钗
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
H
Help Net Security
Y
Y Combinator Blog
N
News | PayPal Newsroom
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Tenable Blog
Scott Helme
Scott Helme
G
GRAHAM CLULEY
大猫的无限游戏
大猫的无限游戏
aimingoo的专栏
aimingoo的专栏
IT之家
IT之家
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
Martin Fowler
Martin Fowler
T
Threat Research - Cisco Blogs
博客园 - 司徒正美
Application and Cybersecurity Blog
Application and Cybersecurity Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Attack and Defense Labs
Attack and Defense Labs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
L
LangChain Blog
C
Check Point Blog
Google Online Security Blog
Google Online Security Blog
V
Visual Studio Blog
Latest news
Latest news

RansomLook – Last entries

Syndicate · RansomLook D1r · RansomLook Crpx0 · RansomLook Dataleak · RansomLook Arcus Media · RansomLook Doommageddon · RansomLook Redact · RansomLook Settra · RansomLook Wallstreet · RansomLook Cloak · RansomLook Deadlock · RansomLook 3am · RansomLook Direwolf · RansomLook Inc Ransom · RansomLook Qilin · RansomLook Bavacai · RansomLook Killsec3 · RansomLook Black X · RansomLook Coinbase Cartel · RansomLook Audit Team · RansomLook Abyss-Data · RansomLook Play · RansomLook Ailock · RansomLook Bravox · RansomLook Gunra · RansomLook Genesis · RansomLook Pear · RansomLook Termite · RansomLook Everest · RansomLook Worldleaks · RansomLook Payoutsking · RansomLook Nightspire · RansomLook Triple X · RansomLook Spy Corporate · RansomLook Nova · RansomLook Titan · RansomLook Stormous · RansomLook Nitrogen · RansomLook Money Message · RansomLook Akira · RansomLook Sinobi · RansomLook Icarus · RansomLook Ms13-089 · RansomLook Space Bears · RansomLook Cmd Organization · RansomLook Radar · RansomLook Aurora · RansomLook Secp0 · RansomLook Fulcrumsec · RansomLook Mnt6 · RansomLook Clop · RansomLook Rhysida · RansomLook Tridentlocker · RansomLook Brain Cipher · RansomLook M3rx · RansomLook Lockbit5 · RansomLook Securotrop · RansomLook Leak Bazaar · RansomLook Morpheus · RansomLook Embargo · RansomLook kairos details Leakeddata · RansomLook Safepay · RansomLook Prinz Eugen · RansomLook Crypto24 · RansomLook Ransomexx · RansomLook Payload · RansomLook Leaknet · RansomLook Vect · RansomLook Interlock · RansomLook Nasir Security · RansomLook Chaos · RansomLook Medusa · RansomLook Ransomhouse · RansomLook Dragonforce · RansomLook Krybit · RansomLook Lamashtu · RansomLook medical-park By blackwater Exitium · RansomLook Shinyhunters · RansomLook shadowbyt3$ details The Gentlemen · RansomLook Insomnia · RansomLook Eraleign (Apt73) · RansomLook anubis details Lynx · RansomLook beast details timc details
Black Nevas · RansomLook
RansomLook · 2026-04-15 · via RansomLook – Last entries

35posts (all time)

0last 30 days

0last 7 days

67% avg uptime 30d

Parsing: enabled

View crypto

Description

BlackNevas ransomware — also referred to as “Trial Recovery” — was first observed in November 2024. It is a direct derivative of the Trigona ransomware family and continues the lineage's focus on extortion over public shaming. BlackNevas operators support a double-extortion model, encrypting files using AES-256 with RSA-4112-protected keys, and appending the .-encrypted or .ENCRYPTED file extension to affected files. Hybrid payloads are available for Windows, Linux, NAS, and VMware ESXi platforms.

While BlackNevas does not host its own data leak site, it reportedly collaborates with other ransomware groups for data publication — known partners include Kill Security, Hunters International, DragonForce, Blackout, Embargo Team, and Mad Liberator. The group has predominantly targeted large enterprises in sectors such as finance, telecommunications, manufacturing, healthcare, and legal. Initial access is commonly achieved via phishing or exploitation of vulnerabilities, with lateral movement facilitated through SMB enumeration and optional LAN-wide propagation.

External Analysis2
Mail4
Telegram1
Urls1
Activity (interactive) 35
Posts35