Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
ThreatDown

ThreatDown Vendor Cyber Rating & Cyber Score

threatdown.com

ThreatDown, powered by Malwarebytes, is on a mission to overpower threats and empower IT by removing the complexity of detecting and stopping today’s most advanced threats. With the rapid increase of attack surfaces, security products have multiplied and become increasingly complicated to deploy and manage for IT organizations with limited resources. ThreatDown solutions pair technology with services to streamline security and provide robust protection that’s efficient and cost effective. Core to the ThreatDown DNA is a decade plus experience detecting and eliminating malware that others missed. ThreatDown extends the Malwarebytes superior remediation to all threat types, combining Endpoint Protection, Endpoint Detection & Response, and


ThreatDown A.I CyberSecurity Scoring

ThreatDown
Company Information
Website:http://threatdown.com
Employees number:156
Number of followers:4,354
NAICS:541514
Industry Type:Computer and Network Security
Homepage:threatdown.com
ThreatDown Risk Score (AI oriented)
Between 600 and 649
logo
ThreatDownComputer and Network Security
Updated:
22/06/2026
640/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
ThreatDown Global Score (TPRM)
xxxx
logo
ThreatDownComputer and Network Security
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

ThreatDown
ThreatDownPoor
Current Score
640Caa (POOR)
01000
1 incidents
-111 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
641Before Incident
JUNE 2026
751Before Incident
Ransomware
17 Jun 2026ThreatDown
ThreatDown: Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes

Prinz Eugen Ransomware Targets Recently Modified Files

640After Incident
CRITICAL-111
THR1782152845
Prinz Eugen Ransomware Targets Recently Modified Files, Skips Ransom Notes ThreatDown researchers have uncovered a new Go-based ransomware strain, Prinz Eugen, that prioritizes encrypting the most recently modified files leaving organizations vulnerable to data loss before backups can catch up. Unlike traditional ransomware, it does not drop a ransom note on disk, complicating detection and response efforts. The malware encrypts files in order of modification time, appending the .prinzeugen extension, and uses ChaCha20-Poly1305 encryption with integrity checks. A unique feature is its optional --delete flag, which removes original files only after verifying encrypted copies can be decrypted. This approach risks same-day work such as active databases, cloud-synced files, or shared drives falling outside the latest clean backup window. Without a ransom note, wallpaper change, or other visible demands, Prinz Eugen evades traditional detection methods reliant on these artifacts. Organizations with tight recovery point objectives (RPOs) or high-volume file changes may find critical data unrecoverable if backups lag even slightly. The attack chain observed by ThreatDown involved RemotePC sessions used to deploy PowerShell stagers, highlighting how legitimate remote management tools can be abused for lateral movement. The ransomware also clears encryption keys, runs garbage collection, and deletes itself post-execution, further limiting recovery options. To counter such threats, security teams are advised to validate backup coverage for recently modified files, supplement ransom-note-based playbooks with behavioral detection (e.g., rapid file writes, unusual access patterns), and monitor for off-hours RMM activity or unauthorized PowerShell usage. The incident underscores gaps in conventional ransomware response protocols when attackers bypass traditional indicators.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Data Compromised: Recently modified files (active databases, cloud-synced files, shared drives)Operational Impact: Data loss before backups can recover, potential unrecoverable critical data if backups lag
DATA BREACH
Type Of Data Compromised: Recently modified files (active databases, cloud-synced files, shared drives)Data Encryption: ChaCha20-Poly1305 with integrity checks
MAY 2026
751Before Incident
APRIL 2026
751Before Incident
MARCH 2026
751Before Incident
FEBRUARY 2026
751Before Incident
JANUARY 2026
751Before Incident
DECEMBER 2025
751Before Incident
NOVEMBER 2025
751Before Incident
OCTOBER 2025
751Before Incident
SEPTEMBER 2025
751Before Incident
AUGUST 2025
751Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for ThreatDown ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in June 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in May 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in April 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in March 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in February 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in January 2026 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in December 2025 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in November 2025 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in October 2025 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in September 2025 ?
?
What was ThreatDown's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on ThreatDown's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with ThreatDown ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view ThreatDown's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?