CiphBit is a ransomware group identified by Dragos as a new/emerging ransomware group observed in Q1 2025. The provided content lists CiphBit among newly observed groups in Dragos’s Q1 2025 ransomware threat landscape reporting on industrial organizations. The content does not provide specific TTPs, victimology, geographic focus, or attribution for CiphBit beyond its inclusion as an emerging ransomware actor. It was also mentioned as observed in Q3 2023 but not Q4 2023, and separately as reporting 2 incidents. No nation-state attribution, sub-groups, or additional aliases are provided in the content.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Emerging ransomware group listed as active in Q1 2025 targeting industrial sectors.
Ransomware group observed in Q3 2023 but not observed in Q4 2023 (per Dragos tracking of industrial-targeting ransomware).
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.