Rancor

Threat Actor updated 4 months ago (2024-05-05T07:17:43.844Z)
Rancor is a previously unidentified threat actor group that has been conducting targeted cyber-attacks since 2018. The cybersecurity industry has linked Rancor with the DragonOK group, and its activity has been observed to focus primarily on Southeast Asia. The group's attacks are characterized by the use of two primary malware families: DDKONG and PLAINTEE. The exclusive use of the relatively unique PLAINTEE malware, of which six samples have been identified, is a distinctive feature of the RANCOR campaign.

Unit 42 has identified the RANCOR campaign targeting various countries, including, but not limited to, nations within Southeast Asia. The campaign's use of consistent file paths across each attack cluster suggests a coordinated strategy. AutoFocus customers can track this threat via the KHRAT, DDKONG, PLAINTEE, and RANCOR tags, which provide insight into the group's activities and potential targets.

Geopolitical volatility seems to be a significant driver of advanced persistent threat (APT) activity, as evidenced by groups such as CactusPete, LightSpy, Rancor, Holy Water, TwoSail Junk, and others. This highlights the necessity of maintaining vigilance in cybersecurity efforts, especially considering the ongoing tensions in regions like the U.S., Japan, and South Korea. The RANCOR campaign represents a continued trend of targeted attacks, underscoring the need for robust security measures against such threat actors.
Description last updated: 2024-05-05T07:06:12.013Z
Aliases
We are not currently tracking any aliases
Source Document References
Information about the Rancor Threat Actor was read from the documents corpus below.
| Source | Created | Title |
|---|---|---|
| CERT-EU | a year ago | At Camp David, Biden looks to cement a fragile truce |
| MITRE | 2 years ago | APT trends report Q1 2020 |
| MITRE | 2 years ago | RANCOR: Targeted Attacks in South East Asia Using PLAINTEE and DDKONG Malware Families |
| MITRE | 2 years ago | Russia-Linked Hackers Target Diplomatic Entities in Central Asia |