In a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least 52 organizations across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including organizations in the critical manufacturing, energy, financial services, government, and information technology sectors.
Threat profile
RagnarLocker can be recognized by the extension of the encrypted files which contains “.RGNR_<ID>,” or “.ragnar_<ID>” where <ID> is a hash of the computer’s NETBIOS name.