Under attack?
Close

Get in Touch

Contact us to learn more about our elite cybersecurity services and industry-leading technologies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Close
Breachquest

Emergency Incident Assistance

Is your network under attack? Get in touch with a
BreachQuest Specialist right away with this form.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811
Contact for non-emergency Contact for non-emergency

Quantum

This group is among the fastest ransomware groups due to the speed of its attacks, where some incidents have taken place within as little as 4 hours. The groups’ victims tend to be in the financial and healthcare sectors, targeting them with an email containing an attachment or link to an ISO image containing an IceID payload, a lately successful tactic at fooling security controls. After execution of the IceID payload and child processes are spawned to create persistence, a Cobalt Strike beacon is deployed to further the attack and gain a stronger foothold within the environment. The malware‘s ransom notes directs victims to a portal where they can contact and negotiate with the group. The group is a rebrand of MountLocker ransomware, which launched in September 2020. Since then, the ransomware gang has rebranded several times, including AstroLocker, XingLocker, and now in its current phase, the Quantum Locker.

Go Back Go to Glossary index
Share this article:

Sign up for our newsletter to get more industry news and insights.

Related Resources

Quantum Ransomware

Learn more