Threats Tagged 'rootboy'
View all threats tagged with 'rootboy'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'rootboy'
Click on any threat for detailed analysis and mitigation recommendations
Prinz Eugen ransomware: a deep dive into a new Go-based encryptor 0 Prinz Eugen is a newly discovered Go-based ransomware family first observed in April 2026, attributed to an actor known as ROOTBOY. The encryptor employs sophisticated techniques including ChaCha20-Poly1305 encryption, prioritizes recently modified files to maximize pressure on victims, and implements anti-forensic measures such as memory scrubbing and self-deletion. Unlike typical ransomware, it leaves no ransom note on disk, conducting all extortion communications out-of-band through leak sites and direct contact. The threat actor gains initial access through compromised RDP credentials, uses legitimate RMM tools like RemotePC for persistence, and creates backdoor admin accounts. Victims span multiple countries and sectors, with notable incidents including Standard Bank Group in South Africa and Transitions Pro Centre Val de Loire in France. Join the discussion | AlienVault OTX General | 06/25/2026, 14:55:43 UTC Added: 06/25/2026, 15:16:16 UTC |
Showing 1 to 1 of 1 result