APT / THREAT GROUP

Eraleign

2 aliases

Intelligence Profile

A new ransomware group is said to have emerged in mid-April 2024 under the name "APT73." Notably, the group reportedly proclaimed itself an APT, which stands for "Advanced Persistent Threat" in the cybersecurity field.

According to research, much of the available information about this group came from another ransomware group known as LockBit. This is evident from the pages the group added to its Data Leak Site (DLS), such as "Contact Us," "How to buy Bitcoin," "Web Security Bug Bounty," and "Mirrors."

Another relevant fact is that this group is also known as Ransomware Eraleig. This is because the group allegedly used a domain in the past to disclose information about victims. There is no information available about any Tactics, Techniques, and Procedures associated with this ransomware group, nor about the latest artifacts used for encryption purposes.

Threat Analysis

Eraleign is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Quick Facts

Type: APT / Threat Group
Aliases: 2

Also Known As

Apt73, Eraleign

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.