RansomEXX Ransomware Gang Attacks DVA - DVision Architecture

The RansomEXX ransomware gang has attacked DVA - DVision Architecture. DVision Architecture is an architectural firm that specializes in designing and planning architectural projects. DVA focuses on creating innovative and sustainable designs that meet its client's unique needs and aspirations. RansomEXX posted DVision Architecture to its data leak site on July 3rd but provided no further details.

The Evolution of RansomEXX

RansomEXX, originally known as Defray777 when it first emerged in 2018, gained significant attention in 2020 due to its involvement in high-profile attacks targeting government agencies and manufacturers. The ransomware variant was renamed RansomEXX after discovering the string "ransom.exx" in its binary code. In the same year, the group behind RansomEXX established a leak site to publish the stolen data they obtained. Even today, RansomEXX remains an active player in the realm of ransomware, alongside other variants such as LockBit and Conti.

Impact and Notable Attacks

Similar to these groups, the operators of RansomEXX have shown no hesitation in publicly exposing the data they steal from their victims. They have targeted government agencies and even disclosed sensitive information stolen from them. A notable example occurred in March 2022 when they attacked a Scottish mental health charity, releasing 12GB of data, including personal information and credit card details belonging to the charity's volunteers.