UNC2198 Updates Tactics to Deploy EGREGOR Ransomware instead of MAZE Ransomware in Post ICEDID Infections
released on 2021-02-25 @ 06:49:38 PM
FireEye tracks the shifting tactics, techniques, and procedures of financially motivated groups who target organizations with ransomware. At the close of 2020, FireEye noticed a shift in a UNC2198 that has started to deploy EGREGOR ransomware in favor of MAZE ransomware following access acquired from ICEDID infections.