← Back to Ransomware Tracker

Rook

Inactive
According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files by encrypting them. It also modifies filenames and creates a text file/ransom note (HowToRestoreYourFiles.txt). Rook renames files by appending the .Rook extension. For example, it renames 1.jpg to 1.jpg.Rook, 2.jpg to 2.jpg.Rook.
9 Victims
Dec 7, 2021 First Discovered
Jan 8, 2022 Last Discovered
1531 Days Inactive
0% Infostealer
0/1 Sites Online
Known Locations (1)
We Are Rook!!!
gamol6n6p2p4c3ad7gxmx3ur7wwdwlywebo2azv3vv5qlmjmole2zbyd.onion
Intelligence
📄 1 Ransom Notes
View the actual ransom notes used by this group
Victims (9)
Abdi ibrahim
Discovered: Jan 8, 2022 · Attack est.: Jan 8, 2022
Evalueserve
Discovered: Dec 28, 2021 · Attack est.: Dec 28, 2021
DENSO
Discovered: Dec 28, 2021 · Attack est.: Dec 28, 2021
Data breach summary
Discovered: Dec 26, 2021 · Attack est.: Dec 26, 2021
Rossell Techsys(Data will be given tomorrow)
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
KMG Prestige, Inc. (Data will be given tomorrow)
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
Rosendahl Design Group
Discovered: Dec 14, 2021 · Attack est.: Dec 14, 2021
Rossell Techsys
Discovered: Dec 14, 2021 · Attack est.: Dec 14, 2021
KMG Prestige, Inc.
Discovered: Dec 7, 2021 · Attack est.: Dec 7, 2021
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Tracker