All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

How The Gentlemen Ransomware Spreads and Encrypts Entire Networks

By

[email protected] (Umut Bayram)

2d agoen

Source

picussecurity.comHow The Gentlemen Ransomware Spreads and Encrypts Entire Networkspicussecurity.com
Snippet from the RSS feed
Key Takeaways The Gentlemen ransomware is a RaaS threat written in Go , obfuscated with Garble , and active since mid-2025 . It targets education, transportation, healthcare, and financial sectors across five continents. The ransomware encrypts files using a hybrid Curve25519 and XChaCha20 scheme with unique per-file ephemeral keys. Its self-propagation module attempts up to 21 remote execution techniques per target host on the network. The Picus Platform simulates Gentlemen Ransomware attacks across both network infiltration and email infiltration attack modules. The Gentlemen ransomware is a ransomware-as-a-service (RaaS) threat, written in Go and obfuscated with Garble, that first emerged around mid-2025 and primarily targets organizations in the education, transportation, healthcare, and financial sectors across North America, South America, Europe, Africa, and Asia.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.