VERY IMPORTANT

The Kraken ransomware group, emerging from the remnants of the HelloKitty cartel, has been observed conducting big-game hunting and double extortion attacks. Utilizing SMB vulnerabilities for initial access, they employ tools like Cloudflared for persistence and SSHFS for data exfiltration. Kraken's cross-platform ransomware targets Windows, Linux, and VMware ESXi environments, featuring a unique benchmarking capability. The group operates a data leak site and has announced a new underground forum called 'The Last Haven Board'. Kraken's sophisticated ransomware includes extensive command-line options, encryption performance testing, and anti-analysis techniques. It targets various file types, including SQL databases and network shares, while employing multi-threaded encryption and self-deletion processes to evade detection.