devman2

DevMan 2.0 is the evolved iteration of the DevMan ransomware, first documented in July 2025. It enhances the capabilities of its predecessor with robust double-extortion tactics and operates under a Ransomware-as-a-Service (RaaS) model, offering structured leak and extortion infrastructure. Affiliates and operators are using it across diverse sectors—such as manufacturing, retail, and electronics—targeting organizations in Japan, Germany, and other countries. Demands from initial campaigns range widely, spanning from around $1 million to over $10 million USD.