GentleKiller Framework Disables Victims' Security Software
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
Read the full articleYou might also wanna read
From Armillaria loader to EDR killer
In the criminal sphere of ransomware, Akira is known for its abundance of victims and utilizing its opportunism to achieve its goals. The Th
Microsoft Defender añadirá aislamiento automático de dispositivos ante ciberataques de ransomware
Esta solución frente de protección servirá para evitar que un ataque de ‘ransomware’ afecte al sistema de la organización al completo
No Manners Here: The Ruthless Rise of The Gentlemen Ransomware
The Gentlemen ransomware is a Ransomware-as-a-Service (RaaS) operation active since at least July 2025, rapidly growing through an affiliate

'GodDamn' Ransomware Uses BYOVD to Smite US Companies
Microsoft signed a malicious kernel driver, and now it's being used to kill security software in ransomware attacks.
Safely Tracking Ransomware Affiliates
An ethical and reproducible HUMINT-style workflow for safely observing ransomware affiliates using synthetic personas, tactical empathy, and
GodDamn Ransomware Uses PoisonX Driver and Credential Harvesting to Bypass Endpoint Defenses
GodDamn ransomware uses the PoisonX signed kernel driver and credential harvesting plus AnyDesk access to disable defenses and encrypt syste

Comments
Sign in to join the conversation.
No comments yet. Be the first.