The Ragnarok group, which has attacked organisations since 2019, made a name for itself by exploiting a vulnerability in unpatched Citrix ADC servers in order to hunt for a firm's Windows PCs that were vulnerable to the EternalBlue exploit.Īt-risk devices then had the Ragnarok ransomware installed onto them, encrypting data files and demanding a Bitcoin ransom payment for their recovery.
The notorious Ragnarok ransomware gang appears to have abruptly closed its operations and entered retirement, releasing a universal decryption key for its past victims.
