After BlackSuit is taken down, new ransomware group Chaos emerges
After the takedown of the BlackSuit ransomware group, a new group named Chaos has emerged, likely with some of the same members. Chaos encrypts files with a .chaos extension and sends ransom notes named "readme.chaos[.]txt" to victims. The group, active since February, targets organizations in the US, UK, New Zealand, and India, demanding around $300,000 in ransom. Victims who pay receive a decryptor and a vulnerability report, while those who refuse risk permanent data loss, public disclosure, and DDoS attacks.
Ars Technica•