DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Rook

Rook

Inactive

rook

First seen: 2021-12-07T07:01:24.544098+00:00Total victims: 9

According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files by encrypting them. It also modifies filenames and creates a text file/ransom note (HowToRestoreYourFiles.txt). Rook renames files by appending the .Rook extension. For example, it renames 1.jpg to 1.jpg.Rook, 2.jpg to 2.jpg.Rook.

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

Recent Victimsshowing 9 of 9

NameCountrySectorDate
Abdi ibrahim—Healthcare2022-01-08T10:19:00.640637+00:00
Evalueserve—Business Services2021-12-28T02:35:19.067931+00:00
DENSOJPManufacturing2021-12-28T02:35:18.723906+00:00
Data breach summary—Not Found2021-12-26T13:22:13.281417+00:00
Rossell Techsys(Data will be given tomorrow)—Technology2021-12-18T16:06:43.972786+00:00
KMG Prestige, Inc. (Data will be given tomorrow)—Energy2021-12-18T16:06:43.948614+00:00
Rosendahl Design Group—Consumer Services2021-12-14T14:56:49.050460+00:00
Rossell Techsys—Technology2021-12-14T13:18:25.584113+00:00
KMG Prestige, Inc.—Manufacturing2021-12-07T07:01:24.544098+00:00

Data from ransomware.live