Betruger Backdoor: How RansomHub is Redefining Ransomware Strategies


RansomHub, a ransomware-as-a-service operation, has been deploying a custom backdoor named Betruger. This multi-functional malware consolidates capabilities such as keylogging, network scanning, credential dumping, and privilege escalation into a single tool, minimizing the need for multiple attack components. By masquerading under benign filenames like “mailer.exe,” Betruger evades detection, enhancing the stealth of ransomware attacks. This development underscores the evolving sophistication of ransomware tactics, highlighting the necessity for robust cybersecurity measures.
