Play Overview

Total Victims

2022

2023

Total

0

COUNT(*)

0

COUNT(*)

0

COUNT(*)

About Play

PlayCrypt emerged during 2022 in a mysterious way, when german victims started asking on
forums about a “new ransomware that encrypts everything and places a ransom note with
just two lines: the word PLAY and an email which nobody answers to”.

After much speculation and after reversing one of their samples looking for contact details,
DC5411 could establish an initial exchange with the group, obtaining links for their first
onion service (to be aired 72 hs later).

The group used ProxyShell/ProxyNotShell vulnerabilities to gain initial foothold, even when
the later was patched, they had a workaround to keep the vulnerability working.

Total Attacks Over Time

No Data Found

Among Group's Victims

© ALL RIGHTS RESERVED TO DarkFeed 2023