Ransomware Tracker (Entry #210): CyberVolk
ID: 83625407-bcce-545a-acbf-b613d4c15a7b
STIX ID: report--83625407-bcce-545a-acbf-b613d4c15a7b
Feed Name: WatchGuard Secplicity Blog
**CyberVolk** is a self-proclaimed hacktivist group tied to extortion, DDoS, site defacement, data breaches and ransomware operations. Its ransomware is linked to AzzaSec/Babuk derivatives that use a hybrid AES+SHA-512 and RSA-4096 scheme, append extensions such as .cvenc, .petik and .CyberVolk, change the desktop wallpaper, and present an unclosable decryption modal. The group was active through 2024 with numerous victims (primarily in Japan, with others globally). It claims Russian affiliation, but reporting suggests Indian origin with pro-Russian leanings. The amounts demanded vary widely, and data exfiltration is frequently part of its operations.
