Play Ransomware (aeafc9f4-e3b4-42ec-a156-4a05f1aa5ea3)
Play is a ransomware operation first observed in July 2022. Security researchers have observed filename, filepath, and TTP overlaps between Play and Hive and Nokayawa ransomwares, which themselves are believed to be linked.[Trend Micro Play Playbook September 06 2022] According to publicly available ransomware extortion threat data, Play has claimed nearly 200 victims from a wide range of sectors on its data leak site since December 2022.[GitHub ransomwatch]