Royal Ransomware Targets Organizations with Custom Encryption and Double Extortion Tactics

Threat Advisories

Royal Ransomware Targets Organizations with Custom Encryption and Double Extortion Tactics

Threat Level
Attack Report

Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs.

Summary

Since September 2022, threat actors have been attacking both US and international organizations using a version of ransomware called Royal. This ransomware is unique because it employs a custom-made file encryption program and uses double extortion tactics. This involves threatening to release encrypted data publicly if the victim does not pay a ransom, which ranges from $1 million to $11 million USD in Bitcoin.