Embargo Ransomware Threatens Data Leak If Ransom Not Paid

Embargo is ransomware written in Rust that encrypts files using ChaCha20 and Curve25519 algorithms adding the .564ba1 extension to encrypted files. It threatens to leak data and notify various parties if the ransom is not paid. Researchers noticed similarities between Embargo and ALPHV (Blackcat) ransomware particularly in their user interfaces and the structure and syntax of their Rust binaries used for generating log files. Although ALPHV has more capabilities it is suspected that Embargo may be a rewritten version of ALPHV.