The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks.
Cuba ransomware’s activity reached a peak in 2021 when it partnered with the Hancitor malware gang for initial access. By the end of the year, it had breached 49 critical infrastructure organizations in the United States.
This year started less impressive for the ransomware gang, with few new victims. However, Mandiant spotted signs of tactical changes and experimentation that indicated the group is still active.
Source: Bleeping Computer