Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Case Study: Credit Union Boosts Threat Prevention & Detection with Cymulate
Learn More
New Research: Cymulate Research Labs Discovers Token Validation Flaw
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

Sirattacker And ALC Ransomware Analysis

March 20, 2023

The Sirattacker and ALC ransomware families continue to gain traction and compromise Microsoft Windows devices. Sirattacker is a variant of Chaos ransomware and is possibly distributed as an Ethereum mining application. The malware gives the victim 72 hours to purchase the decryption key for $400.00US. ALC ransomware creates several files on the infected desktop and displays a ransom note demanding $2000.00US for access to the locked files. The malware does not actually encrypt files but acts more of a scareware to convince the victim to pay the ransom.

Featured Resources

View More Resources
CVE-2026-26117: Hijacking Azure Arc on Windows for Local Privilege Escalation & Cloud Identity Takeover 
blog

CVE-2026-26117: Hijacking Azure Arc on Windows for Local Privilege Escalation & Cloud Identity Takeover 

CVE-2026-26117 lets attackers hijack Azure Arc on Windows, escalate to SYSTEM, and seize the machine’s cloud identity.

Read More
Exposure Validation Demo
Demo

Exposure Validation Demo

Demo of automated offensive simulations validating detection, prevention, and IOC coverage

Learn More
Validate What Matters: Simulate Real-World Identity and Privilege Attacks in AD and Entra ID 
blog

Validate What Matters: Simulate Real-World Identity and Privilege Attacks in AD and Entra ID 

Identity is the new perimeter. The move to the cloud and remote work creates new security boundaries based on users and services operating across cloud and hybrid environments, making

Read More