DUBAI, DUBAI, UNITED ARAB EMIRATES, February 11, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, has released new findings on BQTLock and GREENBLOOD, two newly identified ransomware threats built for fast business disruption.
By combining quick operational disruption with tactics that reduce visibility, these attacks can escalate into downtime, compliance exposure, and financial loss before teams fully confirm what's happening.
Execution Patterns Behind the New Ransomware Threats
BQTLock is a stealth-focused ransomware-linked chain that injects Remcos into explorer.exe, performs a UAC bypass via fodhelper.exe, and establishes autorun persistence to retain elevated access after reboot. It then shifts into credential theft and screen capture, turning the incident into both a ransomware event and a potential data exposure case.
GREENBLOOD is a Go-based ransomware built for rapid impact. It uses ChaCha8-based encryption to disrupt operations within minutes, followed by self-deletion and cleanup attempts to reduce forensic visibility. The campaign also relies on TOR leak-site pressure, adding extortion leverage even after recovery efforts begin.
For a deeper technical breakdown with actionable detection insights and real indicators of compromise, read the full research on ANY.RUN's Blog.
Business Impact Accelerates as Detection Windows Shrink
Common business consequences include:
· Rapid downtime and service disruption triggered by fast encryption or delayed detection
· Data exposure and compliance risk driven by credential theft, screen capture, or leak-site threats
· Reduced forensic visibility caused by stealth techniques or cleanup activity
· Higher recovery and incident-response costs as response windows shrink from hours to minutes
Together, these factors shift ransomware from an isolated security incident to a time-critical business risk requiring faster detection and containment.
About ANY.RUN
ANY.RUN fits into modern SOC workflows, integrating into existing processes and supporting investigations across Tier 1, Tier 2, and Tier 3.
It helps teams safely detonate suspicious content, confirm real behavior, enrich findings with threat context, and apply fresh intelligence to move faster and make confident decisions.
Today, more than 600,000 security professionals and 15,000 organizations rely on ANY.RUN to accelerate triage, reduce escalations, and stay ahead of evolving threats.
The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050
