APT / THREAT GROUP
DN
2
aliases
Intelligence Profile
It’s directed to English speaking users, therefore is able to infect worldwide. Uses the name “Chrome Update” to confuse its victims. Then imitates the chrome update process ,while encrypting the files. DO NOT pay the ransom, since YOUR COMPUTER WILL NOT BE RESTORED FROM THIS MALWARE!!!!
Threat Analysis
DN is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning DN
CISA: Microsoft SharePoint RCE flaw now actively exploited
BleepingComputer· Jul 2, 2026
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
The Hacker News· Jul 2, 2026
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
The Hacker News· Jul 1, 2026
Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls
The Hacker News· Jul 1, 2026
ISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)
SANS ISC· Jun 30, 2026
Anthropic to restore Claude Fable access on Wednesday
BleepingComputer· Jun 30, 2026
Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M
CISA Alerts· Jun 30, 2026
Russia accuses Apple of ‘political censorship’ after VK apps removed from App Store
The Record· Jun 26, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
FakeDN
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.