GOLD PARAKEET

GOLD PARAKEET is a group of financially motivated cybercriminals responsible for the creation, distribution, and operation of the NetWalker (also known as Mailto) ransomware. First observed in August 2019, by March 2020 GOLD PARAKEET had evolved into a ransomware-as-a-service (RaaS) merchant advertising on underground forums. In May 2020, the threat group began using the name-and-shame tactic of exfiltrating victim data and threatening to publicly release it to increase leverage over victims. This is also referred to as double extortion, since the victim has to pay for both decryption and return of data. CTU researchers ascribe a moderate level of confidence on the attribution of GOLD PARAKEET to Russian cyber threat actors,based on the RaaS program prohibition on Russian targets.