| https://arstechnica.com/information-technology/2019/05/baltimore-city-government-hit-by-robbinhood-ransomware/ |
| https://blogs.quickheal.com/a-new-ransomware-goodwill-hacks-the-victims-for-charity-read-more-to-know-more-about-this-ransomware-and-how-it-affects-its-victims/ |
| https://download.microsoft.com/download/f/8/1/f816b8b6-bee3-41e5-b6cc-e925a5688f61/Microsoft_Digital_Defense_Report_2020_September.pdf |
| https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf |
| https://goggleheadedhacker.com/blog/post/12 |
| https://krebsonsecurity.com/2019/06/report-no-eternal-blue-exploit-found-in-baltimore-city-ransomware/ |
| https://news.sophos.com/en-us/2020/02/06/living-off-another-land-ransomware-borrows-vulnerable-driver-to-remove-security-software/ |
| https://news.sophos.com/en-us/2022/03/17/the-ransomware-threat-intelligence-center/ |
| https://statescoop.com/baltimore-ransomware-crowdstrike-extortion/ |
| https://twitter.com/VK_Intel/status/1121440931759128576 |
| https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/ |
| https://www.bleepingcomputer.com/news/security/ransomware-exploits-gigabyte-driver-to-kill-av-processes/ |
| https://www.boll.ch/datasheets/WG_Threat_Report_EN.pdf |
| https://www.cert.ssi.gouv.fr/uploads/CERTFR-2020-CTI-001.pdf |
| https://www.crowdstrike.com/blog/double-trouble-ransomware-data-leak-extortion-part-1/ |
| https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/ |
| https://www.microsoft.com/security/blog/2020/04/28/ransomware-groups-continue-to-target-healthcare-critical-services-heres-how-to-reduce-risk/ |
| https://www.sentinelone.com/blog/robinhood-ransomware-coolmaker-function-not-cool/ |
| https://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core/ |
