Diavol (d057b6e7-1de4-4f2f-b374-7e879caecd67)

Diavol is a ransomware variant first observed in June 2021 that is capable of prioritizing file types to encrypt based on a pre-configured list of extensions defined by the attacker. The Diavol Ransomware-as-a Service (RaaS) program is managed by Wizard Spider and it has been observed being deployed by Bazar.^{[Fortinet Diavol July 2021]}^{[FBI Flash Diavol January 2022]}^{[DFIR Diavol Ransomware December 2021]}^{[Microsoft Ransomware as a Service]}

Rows: 1
Loading extensions...
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.2
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Tidal Groups		Clear Tidal Software	Clear 1
Wizard Spider (0b431229-036f-4157-a1da-ff16dfc095f8)	Tidal Groups	Diavol (d057b6e7-1de4-4f2f-b374-7e879caecd67)	Tidal Software	1