← Back to Ransomware Chk

Rook

Inactive
According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files by encrypting them. It also modifies filenames and creates a text file/ransom note (HowToRestoreYourFiles.txt). Rook renames files by appending the .Rook extension. For example, it renames 1.jpg to 1.jpg.Rook, 2.jpg to 2.jpg.Rook.
9 Victims
Dec 7, 2021 First Discovered
Jan 8, 2022 Last Discovered
1577 Days Inactive
100% Infostealer
0/1 Sites Online
Top Countries
JP 1
Top Sectors
Manufacturing 2
Technology 2
Healthcare 1
Business Services 1
Energy 1
Consumer Services 1
Known Locations (1)
We Are Rook!!!
gamol6n6p2p4c3ad7gxmx3ur7wwdwlywebo2azv3vv5qlmjmole2zbyd.onion
Victims (9)
Abdi ibrahim
Healthcare Discovered: Jan 8, 2022 · Attack est.: Jan 8, 2022
Evalueserve
Business Services Discovered: Dec 27, 2021 · Attack est.: Dec 27, 2021
DENSO
JP Manufacturing Discovered: Dec 27, 2021 · Attack est.: Dec 27, 2021
Data breach summary
Discovered: Dec 26, 2021 · Attack est.: Dec 26, 2021
Rossell Techsys(Data will be given tomorrow)
Technology Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
KMG Prestige, Inc. (Data will be given tomorrow)
Energy Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
Rosendahl Design Group
Consumer Services Discovered: Dec 14, 2021 · Attack est.: Dec 14, 2021
Rossell Techsys
Technology Discovered: Dec 14, 2021 · Attack est.: Dec 14, 2021
KMG Prestige, Inc.
Manufacturing Discovered: Dec 7, 2021 · Attack est.: Dec 7, 2021
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Chk