
dAn0n Hacker Group Reemerges as White Lock Ransomware

ID: 6b188752-ae51-5292-8be6-53c7d37e6cd4

STIX ID: report--6b188752-ae51-5292-8be6-53c7d37e6cd4

Feed Name: WatchGuard Secplicity Blog

Threat Score: 70/100

Date Published: 2025-10-17

Date Updated: 2026-05-01

Author: Ryan Estes

White Lock is a newly observed ransomware operation tied to the dAn0n extortion group: four samples (earliest compile timestamp Sept 29, 2025) perform file encryption (appending '.fbin'), delete shadow copies, change the desktop wallpaper, and drop a 'c0ntact.txt' ransom note directing victims to a TOR chat (standard ransom appears to be 4 BTC). Investigators link White Lock and dAn0n by shared www subdomain hosting and email server subnet, and the report includes extensive IOCs (sample hashes, IPs, TOR and clearnet domains, ransom filenames) to support attribution and detection.
