Ransomware Tracker (Entry #231): WAGNER

The report describes the WAGNER ransomware—likely built with the Chaos v4.0 builder and linked by metadata and timing to the Wagner Group/Prigozhin context—using AES-256-CBC to encrypt files and RSA-1024 to protect AES keys; files larger than 2 MB are irreversibly overwritten, a Truesec decryptor exists for files under 2 MB, and the authors assess the campaign as pseudo-extortion rather than a genuine ransom operation.