DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Rook

Rook

Inactive

rook

First seen: 2021-12-07 07:01:24.544098Total victims: 9

According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files by encrypting them. It also modifies filenames and creates a text file/ransom note (HowToRestoreYourFiles.txt). Rook renames files by appending the .Rook extension. For example, it renames 1.jpg to 1.jpg.Rook, 2.jpg to 2.jpg.Rook.

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

No sector data available

Top Targeted Countries

No country data available

Recent Victimsshowing 9 of 9

NameCountrySectorDate
Abdi ibrahim——2022-01-08 10:19:00.640637
Evalueserve——2021-12-28 02:35:19.067931
DENSO——2021-12-28 02:35:18.723906
Data breach summary——2021-12-26 13:22:13.281417
Rossell Techsys(Data will be given tomorrow)——2021-12-18 16:06:43.972786
KMG Prestige, Inc. (Data will be given tomorrow)——2021-12-18 16:06:43.948614
Rosendahl Design Group——2021-12-14 14:56:49.050460
Rossell Techsys——2021-12-14 13:18:25.584113
KMG Prestige, Inc.——2021-12-07 07:01:24.544098

Data from ransomware.live