FBI Releases Indicators of Compromise for RagnarLocker Ransomware

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of compromise (IOCs) associated with ransomware attacks by RagnarLocker, a group of a ransomware actors targeting critical infrastructure sectors.

CISA encourages users and administrators to review the IOCs and technical details in FBI Flash CU-000163-MW and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

FBI Releases Indicators of Compromise for RagnarLocker Ransomware

Please share your thoughts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA and Partners Release Advisory on Black Basta Ransomware

CISA Releases Four Industrial Control Systems Advisories

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

FBI Releases Indicators of Compromise for RagnarLocker Ransomware

Please share your thoughts

Related Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

CISA and Partners Release Advisory on Black Basta Ransomware

CISA Releases Four Industrial Control Systems Advisories

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies