Desolator is a ransomware operation identified in reporting as one of the new ransomware variants that emerged in August 2024. The provided content states that it was observed leaking victims on the dark web. Mentioned claimed victims include Tri Thuc Software Trading, CONSTRUSEÑALES S.A., and Level. No additional high-confidence details on its tactics, techniques, geographic attribution, or operator relationships are provided in the source content. Known alias in the provided content: desolator.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Named as a new ransomware variant/gang emerging in 2024 and associated with victim claims posted in August 2024.
Desolator is a new ransomware group conducting attacks and leaking victim data on the dark web.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.