Cyber Threat Intelligence Weekly by SOCRadar


This week's most mentioned cybersecurity topics have been covered in this newsletter for you — the latest developments, cyberattacks, data breaches, recent vulnerabilities, threat intelligence insights, and more.

Dark Web Insights

Critical Vulnerabilities


Trending Threat Actors


Important Cybersecurity News


SOCRadar Blog


Deep Web Profile: Karakurt Extortion Group


Karakurt, a Russian-originated cybercriminal organization, has extorted sensitive data from nearly 40 different organizations within a year. So what is the cause of the group’s “success,” and who are they?


Karakurt is a recently emerged threat actor that is believed to have close connections with the pro-Russian ransomware group Conti. More than its close relatives, Karakurt prioritizes data exfiltration and extortion attacks over ransomware. In June 2021, the group claimed the domains Karakurt[.]group and Karakurt[.]tech. Until September 2021, there were no recorded attacks or updates on the group’s website.


Although the exact date of the first attack is not known, Karakurt has been attacking multiple victims since September 2021. The payment addresses Karakurt sends to its victims have been seen to be the same as some of Conti’s. Furthermore, Karakurt mainly targets Western organizations from different industries, just like Conti.


Given the variety and geographic distribution of its victims, Karakurt can be described as a financially motivated cybercriminal group that especially targets Western corporations.


SOCRadar Cyber Intelligence Inc., 651 N Broad St, Ste 205, Middletown, DE 19709, USA, +1 (571) 249 4598