Play Overview

Total Victims

2022

2023

Total

0

COUNT(*)

0

COUNT(*)

0

COUNT(*)

Play Top Targeted Countries

Play Top Targeted Sectors

No Data Found

No Data Found

Total Attacks Over Time​

No Data Found

About Play

PlayCrypt emerged during 2022 in a mysterious way, when german victims started asking on
forums about a “new ransomware that encrypts everything and places a ransom note with
just two lines: the word PLAY and an email which nobody answers to”.

After much speculation and after reversing one of their samples looking for contact details,
DC5411 could establish an initial exchange with the group, obtaining links for their first
onion service (to be aired 72 hs later).

The group used ProxyShell/ProxyNotShell vulnerabilities to gain initial foothold, even when
the later was patched, they had a workaround to keep the vulnerability working.

Among Group's Victims

© ALL RIGHTS RESERVED TO DarkFeed 2023