Dark Reading

Chinese Hackers Use Velociraptor IR Tool in Ransomware Attacks

A China-based threat group known as Storm-2603 has added a new weapon to its hacking arsenal. Cisco Talos researchers observed Storm-2603 abusing Velociraptor, an open source digital forensics and ...
CSOonline

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

Velociraptor, the open-source DFIR tool meant to hunt intruders, has itself gone rogue – being picked up by threat actors in coordinated ransomware operations. Never tied to extortion attacks before, ...
Bleeping Computer

Hackers now use Velociraptor DFIR tool in ransomware attacks

Threat actors have started to use the Velociraptor digital forensics and incident response (DFIR) tool in attacks that deploy LockBit and Babuk ransomware. Cisco Talos researchers assess with medium ...