RST TI Report Digest: 09 Feb 2026

F6 Threat Intelligence reports that NyashTeam, a Russian-speaking cybercriminal group active since at least 2022, is distributing a blocker-type malware that masquerades as ransomware (encrypting files and demanding payment) but primarily aims to disrupt operations. The analysis links multiple tools and services (e.g., WebRat, DCRat, SalatStealer), identifies over 110 domains associated with the group's infrastructure, and publishes numerous IOCs including domains, URLs, and many file hashes to support detection and response.