Meet Trigona, a new ransomware family first seen in October 2022.
Upon infection, victims are asked to pay with Monero (XMR) on a dedicated TOR-based payment portal.
The malware attempts to achieve persistence via Registry Run keys (T1547.001). Trigona ransomware can spread via SMB. Additionally, Trigona encrypts files and adds a “._locked” extension.
SentinelOne Singularity™ XDR protects against Trigona ransomware attacks.
See how our intelligent, autonomous cybersecurity platform harnesses the power of data and AI to protect your organization now and into the future.