Crypto24 ransomware hits large orgs with custom EDR evasion tool
The Crypto24 ransomware group has been using custom utilities to evade security solutions on breached networks, exfiltrate data, and encrypt files. The threat group's earliest activity was reported on BleepingComputer forums in September 2024, though it never reached notable levels of notoriety. According to Trend Micro researchers tracking Crypto24's operations, the hackers have hit several large organizations in the United States, Europe, and Asia, focusing on high-value targets in the finan