Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Nefilim - Ransomware

The ransomware encrypts files with AES-128 encryption and appends ".NEFILIM" to infected files. The malware shares code with the Nemty ransomware family but instead of using a Tor payment site the malicious software relies on email communication for payment. The threat actor behind Nefilim threatens to release stolen data if the ransom is not paid within seven days.
Name Modified Date Sources
Nefilim - Ransomware 2020-03-18