Trigona Ransomware Attacks Utilize Custom Exfiltration Tool

Recently observed Trigona ransomware attacks employ a custom command-line tool designed to exfiltrate data from compromised systems more efficiently. The tool accelerates data theft by optimizing extraction processes in targeted environments. No specific dates, victim organizations, or technical indicators (such as file hashes or CVE IDs) were disclosed in the reported activity. The attacks focus on enhancing the speed and effectiveness of data exfiltration prior to encryption. Trigona ransomware operators are leveraging this bespoke utility to streamline their extortion operations. The full scope of impacted sectors or regions remains unspecified.