The Reveal Platform
Intel Name: 01flip: multi-platform ransomware written in rust
Date of Scan: December 11, 2025
Impact: High
Summary: In June 2025, we identified a new ransomware family called 01flip targeting a small set of victims in the Asia-Pacific region. Written entirely in Rust, it leverages cross-compilation to support multiple platforms. The attackers appear to be financially motivated and likely executed the operation manually. Shortly after the intrusion, an alleged data leak from one affected organization surfaced on a dark-web forum. We are monitoring this activity under the tracking ID CL-CRI-1036. This designation reflects a cluster of malicious behavior consistent with cybercrime.
