Ransomware

Actividad reciente de grupos de ransomware

Fuente externa

Fuente externa: Ransomware.live. Estos datos no implican correlacion directa con nuestros sensores. La disponibilidad puede depender de la API publica.

Victimas Recientes100

Grupo	Victima	Pais	Fecha
incransom	Community Connections	US	Invalid Date
krybit	BJ Grupo	MX	Invalid Date
krybit	kramer-nsc.at	AT	Invalid Date
krybit	whiskey.co.jp	JP	Invalid Date
netrunner	Jordan India Fertilizer Company	JO	Invalid Date
netrunner	Harman Fitness	US	Invalid Date
netrunner	Nippon Medical School Musashi Kosugi Hospital	JP	Invalid Date
netrunner	Shiraume Hospital	JP	Invalid Date
netrunner	GEG Telecomunicazioni	IT	Invalid Date
netrunner	Seoyon E-Hwa Summit	-	Invalid Date
SilentRansomGroup	Bo.. and Br..e	US	Invalid Date
interlock	Community College of Beaver County	US	Invalid Date
AiLock	Berning & Söhne GmbH	DE	Invalid Date
AiLock	Piet Vijverberg	NL	Invalid Date
ALP-001	artmotion.net	CH	Invalid Date
ALP-001	asseco-ce.com	PL	Invalid Date
incransom	BERGE-BAU GmbH & Co. KG	DE	Invalid Date
dragonforce	Asmar Schor & McKenna	US	Invalid Date
incransom	coronapa.com	US	Invalid Date
incransom	roodtrucking.com	US	Invalid Date
payload	United Finance Egypt	EG	Invalid Date
payload	Tscherne Consulting Steuerberatung GmbH	AT	Invalid Date
nightspire	S*a Va***s	-	Invalid Date
akira	American Vintage Home, Briggs Plumbing Products, Genco Manufacturing, American Vintage Hom...	US	Invalid Date
akira	Woodland Trade	US	Invalid Date
akira	Charles River Insurance	US	Invalid Date
akira	Westamerica Communications	US	Invalid Date
qilin	Faulkner County Sheriff's Office	US	Invalid Date
nova	Wolf Technology Group	US	Invalid Date
coinbasecartel	RAKS Sp. z o.o. b Leaked	PL	Invalid Date
coinbasecartel	PC SOFT FRANCE - Leaked	FR	Invalid Date
interlock	The Center for Hearing & Speech	US	Invalid Date
crypto24	Katcon Global	MX	Invalid Date
crypto24	Industrias Guerra, S.A.	ES	Invalid Date
dragonforce	sutex.com	CN	Invalid Date
dragonforce	bunch.ca	CA	Invalid Date
dragonforce	kleankanteen.com	US	Invalid Date
dragonforce	northstarmetal.com	US	Invalid Date
dragonforce	acmealliance.com	US	Invalid Date
dragonforce	jbrand.co.uk	GB	Invalid Date
worldleaks	National Aerospace Fasteners	TW	Invalid Date
dragonforce	cesimaging.com	US	Invalid Date
dragonforce	singita.com	ZA	Invalid Date
dragonforce	atpkg.com	US	Invalid Date
dragonforce	greenwayfence.com	US	Invalid Date
akira	Serap	FR	Invalid Date
incransom	irpea.it	IT	Invalid Date
SilentRansomGroup	Ph..s	US	Invalid Date
qilin	Neurologic Associates Of Central Brevard	US	Invalid Date
qilin	CHEK News	CA	Invalid Date
qilin	jursaconsulting	SK	Invalid Date
dragonforce	Elara Engineering	US	Invalid Date
dragonforce	Fountain	-	Invalid Date
SilentRansomGroup	Plunkett Cooney	US	Invalid Date
qilin	State Road and Tollway Authority	US	Invalid Date
dragonforce	blossmangas.com	US	Invalid Date
payload	SAYEGH	-	Invalid Date
worldleaks	Alamo Heights School District	US	Invalid Date
worldleaks	AMBAU Personalservice	DE	Invalid Date
dragonforce	First Trinity Financial	US	Invalid Date
incransom	Infonet Media d.o.o.	SI	Invalid Date
anubis	Publishers Clearing House	US	Invalid Date
akira	Alliance Roofing	-	Invalid Date
akira	Tange , Mann & Garza	-	Invalid Date
akira	Starr Insurance	US	Invalid Date
akira	Swagelok	US	Invalid Date
akira	Builtrite	-	Invalid Date
incransom	Lincoln Property LLC	US	Invalid Date
nightspire	Association OCACIA	FR	Invalid Date
insomnia	***d d** o	US	Invalid Date
nightspire	PARS AR-GE	TR	Invalid Date
ALP-001	iliad.fr	FR	Invalid Date
ALP-001	knewin.com	BR	Invalid Date
beast	project1631.com	-	Invalid Date
nightspire	TTAF Defense	TR	Invalid Date
ALP-001	polsat.pl	PL	Invalid Date
ALP-001	lacor.es	ES	Invalid Date
ALP-001	kob.com	US	Invalid Date
nightspire	S*n otr*io	-	Invalid Date
nightspire	The GMP Group	SG	Invalid Date
nightspire	The GMP Group ( Premier Singapore Recruitment Firm with Global Reach )	SG	Invalid Date
nightspire	Neptune Mechanical, Inc.	US	Invalid Date
nightspire	Siena Construction	US	Invalid Date
nightspire	Dubosson Frères SA	CH	Invalid Date
ALP-001	terix.com	US	Invalid Date
nightspire	Ghazi Brothers	PK	Invalid Date
nightspire	Southeastern Conference of Seventh-day Adventists	US	Invalid Date
qilin	Die Linke	DE	Invalid Date
ALP-001	esprinet.com	IT	Invalid Date
nightspire	Notre-Dame du Grandchamp	FR	Invalid Date
ALP-001	hikvision.com	CN	Invalid Date
dragonforce	fhw-neukoelln.de	DE	Invalid Date
nightspire	Advanced Vehicle Assemblies	US	Invalid Date
incransom	VLawyers	GR	Invalid Date
ALP-001	pellenc.com	FR	Invalid Date
ALP-001	kyoceradocumentsolutions.eu	EU	Invalid Date
dragonforce	congoleum.com	US	Invalid Date
shinyhunters	Cisco Systems, Inc. (cisco.com)	US	Invalid Date
ALP-001	jaxa.jp	JP	Invalid Date
ALP-001	irco.com	US	Invalid Date

Grupos de Ransomware329

0apt

The group appears unreliable. Most, if not all, of its alleged victims cannot be verified and appear to be randomly selected organizations. WE HAVE DE...

oaptxiyisljt2kv3we2we34kuudmqda7f2geffoylzpeo7ourhtz4dad.onion

0mega

omegalock5zxwbhswbisc42o2q2i54vdulyvtqqbudqousisjgc7j7yd.onion0mega.cc

8base

The 8base Ransomware group made its first appearance in early March 2022, remaining somewhat quiet after the attacks. This group operates like other r...

basemmnnqwxevlymli5bs36o5ynti55xojzvn246spahniugwkff2pad.onionxb6q2aggycmlcrjtbjendcnnwpmmwbosqaugxsqb4nx6cmod3emy7sad.onion92.118.36.204.xfycpauc22t5jsmfjcaz2oydrrrfy75zuk6chr32664bsscq4fgyaaqd.onion

Abrahams_Ax

abrahamm32umasogaqojib3ey2w2nwoafffrguq43tsyke4s3fz3w4yd.onionabrahams-ax.se

abyss

3ev4metjirohtdpshsqlkrqcmxq6zu3d7obrdhglpy5jpbr7whmlfgqd.onion

adminlocker

adminavf4cikzbv6mbbp7ujpwhygnn2t3egiz2pswldj32krrml42wyd.onion

againstthewest

giphvoitymatg4cv7bxqh5dz6sn6bfscywoat4qtslztkomf5lavrayd.onion

aGl0bGVyCg

hitleransomware.cf

AiLock

dhnsppqjaaa22lsqxl2tfhji4ca43743kubltnodvsft3hkvai77p6ad.onion

akira

The Akira ransomware group is said to have emerged in March 2023, and there's much speculation about its ties to the former CONTI ransomware group.<br...

akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onionakiralkzxzq2dsrzsrvbr2xgbbu2wgsmxryd4csgfameg52n7efvr2id.onion

ako

A Windows ransomware that will run certain tasks to prepare the target system for the encryption of files. MedusaLocker avoids executable files, proba...

kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion

alphalocker

mydatae2d63il5oaxxangwnid5loq2qmtsol2ozr6vtb7yfm5ypzo6id.onionmydatae2d63il5oaxxangwnid5loq2qmtsol2ozr6vtb7yfm5ypzo6id.onion

alphv

The operators of the ALPHV/BlackCat ransomware began their activity in December 2021, making posts on Dark Web forums to promote their affiliate progr...

alphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onionalphvmmm27o3abo3r2mlmjrpdmzle3rykajqc5xsj7j7ejksbpsa36ad.onion2cuqgeerjdba2rhdiviezodpu3lc4qz2sjf4qin6f7std2evleqlzjid.onionvqifktlreqpudvulhbzmc5gocbeawl67uvs2pttswemdorbnhaddohyd.onionalphvuzxyxv6ylumd2ngp46xzq3pw6zflomrghvxeuks6kklberrbmyd.onion

anubis

om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion

apos

yrz6bayqwhleymbeviter7ejccxm64sv2ppgqgderzgdhutozcbbhpqd.onion

apt73

A new ransomware group is said to have emerged in mid-April 2024, under the name 'APT73.' It's worth noting that the group reportedly self-proclaimed ...

eraleignews.comwn6vonooq6fggjdgyocp7bioykmfjket7sbp47cwhgubvowwd7ws5pyd.onionfleqwmg7xnanypt5km2m75l72q7nlcvlp2m4sdmgjxorsn6tb3zyp3qd.onionapt73grpjgjwykrenq7vnjejue76vosdzptdvmonv7vyqnsyokrw57ad.onionbashe4aec32kr6zbifwd5x6xgjsmhg4tbowrbx4pneqhc5mqooyifpid.onionbasheqtvzqwz4vp6ks5lm2ocq7i6tozqgf6vjcasj4ezmsy4bkpshhyd.onionbasherq53eniermxovo3bkduw5qqq5bkqcml3qictfmamgvmzovykyqd.onionbasherykagbxoaiaxkgqhmhd5gbmedwb3di4ig3ouovziagosv4n77qd.onionbasherykagbxoaiaxkgqhmhd5gbmedwb3di4ig3ouovziagosv4n77qd.onionbashete63b3gcijfofpw6fmn3rwnmyi5aclp55n6awcfbexivexbhyad.onionbashex7mokreyoxl6wlswxl4foi7okgs7or7aergnuiockuoq35yt3ad.onion

arcusmedia

arcuufpr5xxbbkin4mlidt7itmr6znlppk63jbtkeguuhszmc5g7qdyd.onion

argonauts

jbmk7h6xlkedn2gg5yi76zca6y3jgdlp5wchlsrd7735tlnrmmvqe5ad.onion

arkana

ransomwvbabemdnwl7lzgeenyfmmhskaed6jcruwhkvapsia76vttzyd.onionarkanabb66ee4nsdji6la2bu6bwqe3dbtsyf3rxrv6vhiehod7utagad.onion

arvinclub

3kp6j22pz3zkv76yutctosa6djpj4yib2icvdqxucdaxxedumhqicpad.onionarvinc7prj6ln5wpd6yydfqulsyepoc7aowngpznbn3lrap2aib6teid.onion

atomsilo

mhdehvkomeabau7gsetnsrhkfign4jgnx3wajth5yb5h6kvzbd72wlqd.onionl5cjga2ksw6rxumu5l4xxn3cmahhi2irkbwg3amx6ajroyfmfgpfllid.onionnpmh5ahrgakbniuntyc7io4adm6ietbdbuejrfonowqtyqn24or556qd.onionnpmh5ahrgakbniuntyc7io4adm6ietbdbuejrfonowqtyqn24or556qd.onion

avaddon

Avaddon is a ransomware malware targeting Windows systems often spread via malicious spam. The first known attack where Avaddon ransomware was distrib...

avaddongun7rngel.onion

avos

avos2fuj6olp6x36.onion

avoslocker

avosqxh72b5ia23dl5fgwcpndkctuzqvh2iefk5imp3pi5gfhel5klad.onionavosjon4pfh3y7ew3jdwz6ofw7lljcxlbk7hcxxmnxlh5kvf2akcqjad.onion

aware

ui2uleaiisccbtcooyi34cy5u3plpd5wraiza6wtibolshuf7tnzziid.onion

aztroteam

anewset3pcya3xvk73hj7yunuamutxxsm5sohkdi32blhmql55tvgqad.onion

babuk

Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX ...

nq4zyac4ukl4tykmidbzgdlvaboqeqsemkp4t35bzvjeve6zm2lqcjid.onion

babuk2

Babuk Locker 2.0, also known as Bjorka or SkyWave, after failing to make any profit from selling public databases on forums, decided to impersonate Ba...

7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onionbxwu33iefqfc3rxigynn3ghvq4gdw3gxgxna5m4aa3o4vscdeeqhiqad.onion212.24.99.211.5g2e.l.time4vps.cloud

babyduck

babydovegkmhbontykziyq7qivwzy33mu4ukqefe4mqpiiwd3wibnjqd.onion

beast

Beast is a Ransomware-as-a-service (RaaS) product which provides functionality such as SMB scanning, file encryption, service and process starting and...

beast6azu4f7fxjakiayhnssybibsgjnmy77a6duufqw5afjzfjhzuqd.onionooie6tet7ggcmlgvtmyvok4s6vha6ecwczssbchbyxrg2r6v2m6zkkad.onion

benzona

benzona6x5ggng3hx52h4mak5sgx5vukrdlrrd3of54g2uppqog2joyd.onionrwsu75mtgj5oiz3alkfpnxnopcbiqed6wllyoffpuruuu6my6imjzuqd.onion

bert

bertblogsoqmm4ow7nqyh5ik7etsmefdbf25stauecytvwy7tkgizhad.onion

bianlian

BianLian ransomware operations began in late 2021. The group practices multi-pronged extortion, demanding payment for a decryptor, as well as the non-...

bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onionbianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onionbianliaoxoeriowgqohcly4a6sbkpc3se2yvxgidxomxlpuhx5ehrpad.onion

blackbasta

"Black Basta" is a new ransomware strain discovered during April 2022 - looks in dev since at least early February 2022 - and due to their ability to ...

stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onionaazsbsgya565vlu2c6bzy6yfiebkcbtvvcytvolt33s77xypi7nypxyd.onionbastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion

blackbyte

Ransomware. Uses dropper written in JavaScript to deploy a .NET payload.

6iaj3efye3q62xjgfxyegrufhewxew7yt4scxjd45tlfafyja6q4ctqd.onionf5uzduboq4fa2xkjloprmctk7ve3dm46ff7aniis66cbekakvksxgeqd.oniondlyo7r3n4qy5fzv4645nddjwarj7wjdd6wzckomcyc7akskkxp4glcad.onionfl3xpz5bmgzxy4fmebhgsbycgnz24uosp3u4g33oiln627qq3gyw37ad.onionce6roic2ykdjunyzazsxmjpz5wsar4pflpoqzntyww5c2eskcp7dq4yd.onionjbeg2dct2zhku6c2vwnpxtm2psnjo2xnqvvpoiiwr5hxnc6wrp3uhnad.onion53d5skw4ypzku4bfq2tk2mr3xh5yqrzss25sooiubmjz67lb3gdivcad.oniontj3ty2q5jm5au3bmd2embtjscd3qjt7nfio2o7cr6moyy5kgil5pieqd.oniondounczge5jhw4iztnnpzp54kd4ot3tikhjsimurtcewqssgye6vvrhqd.onion

blacklock

BlackLock is a rebranded version of another ransomware group known as Eldorado. It has since become one of the most active extortion syndicates in 202...

zdkexsh2e7yihw5uhg5hpsgq3dois2m5je7lzfagij2y6iw5ptl35gyd.onion

blackmatter

Ransomware-as-a-Service

blackmax7su6mbwtcyo3xwtpfxpm356jjqrs34y4crcytpw7mifuedyd.onion

blacknevas

ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onionctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion

blackout

black3gnkizshuynieigw6ejgpblb53mpasftzd6pydqpmq2vn2xf6yd.onion

blackshadow

544corkfh5hwhtn4.onion

blackshrantac

b2ykcy2gcug4gnccm6hnrb5xapnresmyjjqgvhafaypppwgo4feixwyd.onionjvkpexgkuaw5toiph7fbgucycvnafaqmfvakymfh5pdxepvahw3xryqd.onionshrantacpxim7z6m6pnszi52bb2tp23sntby3hklt36rezdja7bdjsyd.onion

blacksuit

According to Trend Micro, this ransomware has significant code overlap with Royal Ransomware.

weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion

blacktor

bl4cktorpms2gybrcyt52aakcxt6yn37byb65uama5cimhifcscnqkid.onion

bluebox

zu3wfrmrkl4ltqqnpt3owp3cwa33rqwod4gpe3ttb5o4vf2is2gzm6qd.onion

bluelocker

Blue Locker targets Pakistan’s vital energy sector, particularly Pakistan Petroleum

bluesky

ccpyeuptrlatb2piua4ukhnhi7lrxgerrcrj4p2b5uhbzqm2xgdjaqid.onion

bonacigroup

bonacifryrxr4siz6ptvokuihdzmjzpveruklxumflz5thmkgauty2qd.onion

bqtlock

yywhylvqeqynzik6ibocb53o2nat7lmzn5ynjpar3stndzcgmy6dkgid.onion

BrainCipher

Brain Cipher emerged in July 2024. Both Windows and Linux variants are available. Brain Cipher using the leaked build of LockBit Black for their opera...

vkvsgl7lhipjirmz6j5ubp3w3bwvxgcdbpi3fsbqngfynetqtw4w5hyd.onionmybmtbgd7aprdnw2ekxht5qap5daam2wch25coqerrq2zdioanob34ad.onionbrain4zoadgr6clxecixffvxjsw43cflyprnpfeak72nfh664kqqriyd.onion77nrxelcwh47yikvpaz2rvtsten4sen2elybo5r5st6wlxsbitv255qd.onionp6wmotxzvg34tdmpwm4beqgrcyp5iys43snkccsahnw74la3k3xx6pad.onionzktnif5vckhmz5tyrukp5bamatbfhkxjnb23rspsanyzywcrx3bvtqad.onion4ldgw2wuidqu5ef3rzx4byonf3y7rdnh43jiw2z4sbtjiwic6gkov7yd.onioncuuhrxbg52c5agytmtjpwfu7mrs4xtaitc4mukkiy2kqdxeqbcmuhaid.onion

bravox

bravoxxtrmqeeevhl7gdh2yzvlrjxajr66d33c7ozosrccx4cz7cepad.onionbravoxxwcfz5qk43ychgveprpd5mw5hvxfs4a2uz2okx7mumiht4fzyd.onion

brotherhood

brohoodyaifh2ptccph5zfljyajjabwjjo4lg6gfp4xb6ynw5w7ml6id.onion

cactus

The CACTUS ransomware is said to have emerged around March 2023. The group became known for exploiting vulnerabilities to gain initial access and main...

cactusbloguuodvqjmnzlwetjlpj6aggc6iocwhuupb47laukux7ckid.onioncactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onionsonarmsng5vzwqezlvtu2iiwwdn3dxkhotftikhowpfjuzg7p3ca5eid.onion

cephalus

cephalus6oiypuwumqlwurvbmwsfglg424zjdmywfgqm4iehkqivsjyd.onion46.17.42.64.

chaos

hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onionhptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion

cheers

rwiajgajdr4kzlnrj5zwebbukpcbrjhupjmk6gufxv6tg7myx34iocad.onioncrkfkmrh4qzbddfrl2axnkvjp5tgwx73d7lq4oycsfxc7pfgbfhtfiid.onion

chilelocker

z6vidveub2ypo3d3x7omsmcxqwxkkmvn5y3paoufyd2tt4bfbkg33kid.onion

chort

hgxyonufefcglpekxma55fttev3lcfucrf7jvep2c3j6447cjroadead.onion

cicada3301

cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion

ciphbit

ciphbitqyg26jor7eeo6xieyq7reouctefrompp6ogvhqjba7uo4xdid.onion

cipherforce

o3ydbkayttkyg4iw2nc732jxmmex25bjeyqyvuuyngnxmpehdefjr3qd.oniono3ydbkayttkyg4iw2nc732jxmmex25bjeyqyvuuyngnxmpehdefjr3qd.onion

cloak

cloak7jpvcb73rtx2ff7kaw2kholu7bdiivxpzbhlny4ybz75dpxckqd.onion

clop

The ransomware group known as Cl0p is a variant of a previously known strain dubbed CryptoMix. It is worth noting that this variant was delivered as t...

ekbgzchl6x2ias37.onionsantat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.oniontoznnag5o3ambca56s2yacteu7q7x2avrfherzmz4nmujrjuib4iusad.onion

coinbasecartel

CoinbaseCartel specializes in data acquisition through system access and strategic partnerships. It focus exclusively on data exfiltration—our operati...

fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion

ContFR

RAAS - Ransomware intégré à un fichier PDF, à faire ouvrir à vos victimes ou à insérer vous-même, Windows et Mac, ne fonctionne pas sur Linux. Tableau...

zprxx7sfc26rufggreanowmme5qqouqegr2efnko6erycquwvpq5egid.onion

conti

Conti is an extremely damaging ransomware due to the speed with which it encrypts data and spreads to other systems. It was first observed in 2020 and...

continewsnv5otx5kaoje7krkto2qbu3gtqef22mnr7eaxw3y6ncz3ad.onioncontinews.clickcontinews.bz

cooming

z6mikrtphid5fmn52nbcbg25tj57sowlm3oc25g563yvsfmygkcxqbyd.onionteo7aj5mfgzxyeme.onion

crazyhunter

7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion7i6sfmfvmqfaabjksckwrttu3nsbopl3xev2vbxbkghsivs5lqp4yeqd.onion

crosslock

crosslock5cwfljbw4v37zuzq4talxxhyavjm2lufmjwgbpfjdsh56yd.onion

cry0

cryoblogedawivdcknyd4jsjxkrx3xrqqltxla6wwjjnzm3f3jaxjzqd.onion

crylock

d57uremugxjrafyg.onion

cryp70n1c0d3

7k4yyskpz3rxq5nyokf6ztbpywzbjtdfanweup3skctcxopmt7tq7eid.onion

cryptbb

crypuglupv3bsqnbt5ruu5lgwrwoaojscwhuoccbmbzmcidft5kiccqd.onion

cryptnet

According to OALabs, this ransomware has the following features: * Files are encrypted with AES CBC using a generated 256 bit key and IV.* The genera...

cryptr3fmuv4di5uiczofjuypopr63x2gltlsvhur2ump4ebru2xd3yd.onionblog6zw62uijolee7e6aqqnqaszs3ckr5iphzdzsazgrpvtqtjwqryid.onion

crypto24

j5o5y2feotmhvr7cbcp2j2ewayv5mn5zenl3joqwx67gtfchhezjznad.onion

cuba

The Cuba Ransomware, also known as Colddraw Ransomware, was first identified in the threat landscape in 2019 and built a relatively small but selected...

cuba4mp6ximo2zlo.onioncuba4ikm4jakjgmkezytyawtdgr2xymvy6nvzgw5cglswg3si76icnqd.onion

cyclops

nt3rrzq5hcyznvdkpslvqbbc2jqecqrinhi5jtwoae2x7psqtcb6dcad.onionknight3xppu263m7g4ag3xlit2qxpryjwueobh7vjdc3zrscqlfu3pqd.onion

d4rk4rmy

d4rkd2fybtclo44hss2dpqpw7gmofboxhruax2az3uejw7puxxbpkvqd.onion

dagonlocker

dgnh6p5uq234zry7qx7bh73hj5ht3jqisgfet6s7j7uyas5i46xfdkyd.onion

daixin

232fwh5cea3ub6qguz3pynijxfzl2uj3c73nbrayipf3gq25vtq2r4qd.onion7ukmkdtyxdkdivtjad57klqnd3kdsmq6tp45rrsxqnu76zzv3jvitlqd.onion

dAn0n

2c7nd54guzi6xhjyqrj5kdkrq2ngm2u3e6oy4nfhn3wm3r54ul2utiqd.onion

darkangels

wemo2ysyeq6km2nqhcrz63dkdhez3j25yw2nvn7xba2z4h7v7gyrfgid.onion

darkbit

iw6v2p3cruy7tqfup3yl4dgt4pfibfa3ai4zgnu5df2q3hus3lm7c7ad.onion

darkleakmarket

54rdhzjzc4ids4u4wata4zr4ywfon5wpz2ml4q3avelgadpvmdal2vqd.onionaby6efzmp7jzbwgidgqc6ghxi2vwpo6d7eaood5xuoxutrfofsmzcjqd.oniondarklmmmfuonklpy6s3tmvk5mrcdi7iapaw6eka45esmoryiiuug6aid.oniondarkleakyqmv62eweqwy4dnhaijg4m4dkburo73pzuqfdumcntqdokyd.onion

darkpower

powerj7kmpzkdhjg4szvcxxgktgk36ezpjxvtosylrpey7svpmrjyuyd.onion

darkrace

wkrlpub5k52rjigwxfm6m7ogid55kamgc5azxlq7zjgaopv33tgx2sqd.onion

darkside

Darkside ransomware group has started its operation in August of 2020 with the model of RaaS (Ransomware-as-a-Service). They have become known for the...

darksidc3iux462n6yunevoag52ntvwp6wulaz3zirkmh4cnz6hhj7id.onion

darkvault

tx23pk4zw5qynq3tmfk2jz5zbel63p4nwvkheswze7r6gzxhzcbseyad.onionmdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion

datacarry

dcarryhaih5oldidg3tbqwnde4lxljytnpvberrwgj2vlvunopd46dad.onion

datakeeper

dc4nwiijwiffwztwzj5fngmcoppedrxg4jqj2tq67ontbini6qmlguid.onion

dataleak

woqjumaahi662ka26jzxyx7fznbp4kg3bsjar4b52tqkxgm2pylcjlad.onion

desolator

po4tq2brx4rgwbdx4mac24fz34uuuf7oigosebp32n2462m2vxl6biqd.onion

devman

Former RansomHub and INC Ransom affiliate.

qljmlmp4psnn3wqskkf3alqquatymo6hntficb4rhq5n76kuogcv7zyd.onionwugurgyscp5rxpihef5vl6b6m5ont3b6sezhl7boboso2enib2k3q6qd.oniondevmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion

diavol

A ransomware with potential ties to Wizard Spider.

7ypnbv3snejqmgce4kbewwvym4cm5j6lkzf2hra2hyhtsvwjaxwipkyd.onion

direwolf

direwolfcdkv5whaz2spehizdg22jsuf5aeje4asmetpbt6ri4jnd4qd.onion

dispossessor

This is not a ransomware group but a data broker

dispossessor.come27z5kd2rjsern2gpgukhcioysqlfquxgf7rxpvcwepxl4lfc736piyd.onion

donex

g3h3klsev3eiofxhykmtenmdpi67wzmaixredk5pjuttbx7okcfkftqd.onion

donutleaks

qkbbaxiuqqcqb5nox4np4qjcniy2q6m7yeluvj7n5i5dn7pgpcwxwfid.onionsbc2zv2qnz5vubwtx3aobfpkeao6l4igjegm3xx7tk5suqhjkp5jxtqd.oniondoq32rjiuomfghm5a4lyf3lwwakt2774tkv4ppsos6ueo5mhx7662gid.oniondk4mkfzqai6ure62oukzgtypedmwlfq57yj2fube7j5wsoi6tuia7nyd.onion

doppelpaymer

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable b...

hpoo4dosa3x4ognfxpqcrjwnsigvslm7kv6hvmhh2yqczaxy3j6qnwad.onion

dragonforce

z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion3pktcrcbmssvrnwe5skburdwe2h3v6ibdnn5kbjqihsg6eu6s6b7ryqd.oniondragonforxxbp3awc7mzs5dkswrua3znqyx5roefmi4smjrsdi22xwqd.onion

dragonransomware

Dragon Ransomware, is promising rapid and customizable ransomware operations for Windows systems. Key features include a compact 50KB file size, ultra...

t.me

dread

dreadytofatroptsdj6io7l3xptbet6onoyno2yv7jicoxknyazubrad.onion

dunghill

p66slxmtum2ox4jpayco6ai3qfehd5urgrs4oximjzklxcol264driqd.onionnsalewdnfclsowcal6kn5csm4ryqmfpijznxwictukhrgvz2vbmjjjyd.onion

ech0raix

The QNAPCrypt ransomware works similarly to other ransomware, including encrypting all files and delivering a ransom note. However, there are several ...

veqlxhq7ub5qze3qy56zx2cig2e6tzsgxdspkubwbayqije6oatma6id.onion7zvu7njrx7q734kvk435ntuf37gfll2pu46fmrfoweczwpk2rhp444yd.onion

ElDorado

In September The El Dorado ransomware group have been rebrand as BlackLock

dataleakypypu7uwblm5kttv726l3iripago6p336xjnbstkjwrlnlid.onion

embargo

embargobe3n5okxyzqphpmk3moinoap2snz5k6765mvtkk7hhi544jid.onion

entropy

Entropy is a ransomware first seen in 1st quarter of 2022, is being used in conjunction of Dridex infection. The ransomware uses a custom packer to pa...

leaksv7sroztl377bbohzl42i3ddlfsxopcb6355zc7olzigedm5agad.onion

ep918

dg5fyig37abmivryrxlordrczn6d6r5wzcfe2msuo5mbbu2exnu46fid.onion

everest

Everest ransom group collects and analyzes information about their victims. They specialize in customer privacy data, financial information, databases...

ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion

exitium

m3ksukzn2glzfdvlusohril7n3iyk4z4fudf6mm22lwhpbpt5aiee5qd.onion

exorcist

According to PCrisk, Exorcist is a ransomware-type malicious program. Systems infected with this malware experience data encryption and users receive ...

7iulpt5i6whht6zo2r52f7vptxtjxs3vfcdxxazllikrtqpupn4epnqd.onion

fletchen

193.36.38.2:5000

flocker

flock4cvoeqm4c62gyohvmncx6ck2e7ugvyqgyxqtrumklhd5ptwzpqd.onion

fog

Fog, which uses the .flocked extension for encrypted files, was first observed in May in campaigns by Storm-0844, a threat actor known for distributin...

xql562evsy7njcsngacphc2erzjfecwotdkobn3m4uxu2gtqh26newid.onionxbkv2qey6u3gd3qxcojynrt4h5sgrhkar6whuo74wo63hijnn677jnyd.onionxbkv2qey6u3gd3qxcojynrt4h5sgrhkar6whuo74wo63hijnn677jnyd.onionxql562evsy7njcsngacphc2erzjfecwotdkobn3m4uxu2gtqh26newid.onion

frag

34o4m3f26ucyeddzpf53bksy76wd737nf2fytslovwd3viac3by5chad.onion

freecivilian

gcbejm2rcjftouqbxuhimj5oroouqcuxb2my4raxqa7efkz5bd5464id.onion

fsteam

New possible leak site posted to a forum on November 20th, 2022, no victims at present. Unclear if its for a ransomware or extortion group

hkk62og3s2tce2gipcdxg3m27z4b62mrmml6ugctzdxs25o26q3a4mid.onion

funksec

7ixfdvqb4eaju5lzj4gg76kwlrxg4ugqpuog5oqkkmgfyn33h527oyyd.onionpke2vht5jdeninupk7i2thcfvxegsue6oraswpka35breuj7xxz2erid.onionykqjcrptcai76ru5u7jhvspkeizfsvpgovton4jmreawj4zdwe4qnlid.onionfunkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onionfunknqn44slwmgwgnewne6bintbooauwkaupik4yrlgtycew3ergraid.onionfunksec.topfunksec53xh7j5t6ysgwnaidj5vkh3aqajanplix533kwxdz3qrwugid.onion

GDLockerSec

Our team members are from different countries and we are not interested in anything else, we are only interested in dollars. We do not allow CIS, Cuba...

igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion

genesis

genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion

global

vg6xwkmfyirv3l6qtqus7jykcuvgx6imegb73hqny2avxccnmqt5m2id.oniongdbkvfe6g3whrzkdlbytksygk45zwgmnzh5i2xmqyo3mrpipysjagqyd.onion

grief

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable b...

griefcameifmv4hfr3auozmovz5yi6m3h3dwbuqw7baomfxoxz4qteid.onion

groove

ws3dh6av66sjbxxkjpw5ao3wqzmtejnkzheswm4dz5rrwvular7xvkqd.onion

gunra

gunrabxbig445sjqa535uaymzerj6fp4nwc6ngc2xughf2pedjdhk4ad.onion

hades

According to PCrisk, Hades Locker is an updated version of WildFire Locker ransomware that infiltrates systems and encrypts a variety of data types us...

ixltdyumdlthrtgx.onion

handala

Not a Ransomware Group

handala.tohandala-hack.tovmjfieomxhnfjba57sd6jjws2ogvowjgxhhfglsikqvvrnrajbmpxqqd.onionhandala-team.tohandala-hack.tw

haron

ft4zr2jzlqoyob7yg4fcpwyt37hox3ajajqnfkdvbfrkjioyunmqnpad.onion

hellcat

hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onionhellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onionhellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onionhellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onionhellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onionhellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onionhellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion

helldown

onyxcgfg4pjevvp5h34zvhaj45kbft3dg5r33j5vu3nyp7xic3vrzvad.oniononyxcym4mjilrsptk5uo2dhesbwntuban55mvww2olk5ygqafhu3i3yd.onion

hellogookie

gookie256cvccntvenyxrvn7ht73bs6ss3oj2ocfkjt5y6vq6gfi2tad.onion

hellokitty

Unit42 states that HelloKitty is a ransomware family that first surfaced at the end of 2020, primarily targeting Windows systems. The malware family g...

3r6n77mpe737w4sbxxxrpc5phbluv6xhtdl5ujpnlvmck5tc7blq2rqd.onion

hive

Hive is a strain of ransomware that was first discovered in June 2021. Hive was designed to be used by Ransomware-as-a-service providers, to enable no...

hiveleakdbtnp76ulyhi52eag6c6tyc3xw7ez7iqy6wc34gd2nekazyd.onionhivecust6vhekztbqgdnkks64ucehqacge3dij3gyrrpdp57zoq3ooqd.onionhiveapi4nyabjdfz2hxdsr7otrcv6zq6m4rk5i2w7j64lrtny4b7vjad.onion

holyghost

matmq3z3hiovia3voe2tix2x54sghc3tszj74xgdy4tqtypoycszqzqd.onion

hotarus

r6d636w47ncnaukrpvlhmtdbvbeltc6enfcuuow3jclpmyga7cz374qd.onion

hunters

In mid-October 2023, just a few days before the Europol operation, the source code of the Ransomware Hive was sold, along with its website and older v...

hunters55rdxciehoqzwv7vgyv6nt37tbwax2reroyzxhou7my5ejyid.onionhunters33mmcwww7ek7q5ndahul6nmzmrsumfs6aenicbqon6mxfiqyd.onionhunters55atbdusuladzv7vzv6a423bkh6ksl2uftwrxyuarbzlfh7yd.onionhuntersinternational.org

icefire

kf6x3mjeqljqxjznaw65jixin7dpcunfxbbakwuitizytcpzn4iy5bad.onion7kstc545azxeahkduxmefgwqkrrhq3mzohkzqvrv7aekob7z3iwkqvyd.onion

IMNCrew

imncrewwfkbjkhr2oylerfm5qtbzfphhmpcfag43xc2kfgvluqtlgoid.onion

incransom

incblog7vmuq7rktic73r4ha4j757m3ptym37tyvifzp2roedyyzzxid.onionincbackrlasjesgpfu5brktfjknbqoahe2hhmqfhasc5fb56mtukn4yd.onionincbackend.topincapt.blogincapt.suincblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onionincbacg6bfwtrlzwdbqc55gsfl763s3twdtwhp27dzuik6s6rwdcityd.onion

insane

nv5lbsrr4rxmewzmpe25nnalowe4ga7ki6yfvit3wlpu7dfc36pyh4ad.oniongfksiwpsqudibondm6o2ipxymaonehq3l26qpgqr3nh4jvcyayvogcid.onionr2ad4ayrgpf7og673lhrw5oqyvqg4em2fpialk7l7gxkasvqkqow4qad.onion

insomnia

i62huw7ve22rpyw6lnq3kmfump2dmsg4xpveec3ere73njwatrz74gad.onion

interlock

ebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onionebhmkoohccl45qesdbvrjqtyro2hmhkmh6vkyfyjjzfllm3ix72aqaid.onion

J

twniiyed6mydtbe64i5mdl56nihl7atfaqtpww6gqyaiohgc75apzpad.oniontwniiyed6mydtbe64i5mdl56nihl7atfaqtpww6gqyaiohgc75apzpad.onionw4d5aqmdxkcsc2xwcz7w7jo6wdmvmakgy3y6mfmdtzmyvxe77cjkfbad.onion

kairos

erqnacjmdy3obvevyol7qhazkwkv57dwqvye5v46k5bcujtfa6sduad.onionnerqnacjmdy3obvevyol7qhazkwkv57dwqvye5v46k5bcujtfa6sduad.onion

karakurt

omx5iqrdbsoitf3q4xexrqw5r5tfw7vp3vl3li3lfo7saabxazshnead.onion3f7nxkjway3d223j27lyad7v5cgmyaifesycvmwq7i7cbs23lb6llryd.onionkaraleaks.com

karma

3nvzqyo6l4wkrzumzu5aod7zbosq4ipgf7ifgj3hsvbcr5vcasordvqd.onion

kawa4096

kawasa2qo7345dt7ogxmx7qmn6z2hnwaoi3h5aeosupozkddqwp6lqqd.onion

kazu

6czlbd2jfiy6765fbnbnzuwuqocg57ebvp3tbm35kib425k4qnmiiiqd.onion

kelvinsecurity

kelvinsecteamcyber.wixsite.com

killsec

kill432ltnkqvaqntbalnsgojqqs2wz4lhnamrqjg66tq6fuvcztilyd.onionks5424y3wpr5zlug5c7i6svvxweinhbdcqcfnptkfcutrncfazzgz5id.onionks5424y3wpr5zlug5c7i6svvxweinhbdcqcfnptkfcutrncfazzgz5id.onion

kittykatkrew

jzdonx6ak2swiitotgajdfh3wjpvyunpi3hatte343dvw4nw4vv2ayqd.onionvs6ccwled72hwmescxr2e32mmfrm6vbqbo7gbmmkxnu7g5fps7ndeeyd.onion

knight

[Cyclops](group/cyclops) rebrand

knight3xppu263m7g4ag3xlit2qxpryjwueobh7vjdc3zrscqlfu3pqd.onion

kraken

krakenccj3wr23452a4ibkbkuph4d6soyx2xgjoogtuamc3m7u7wemad.onion

kryptos

kryptospnjzz7vfkr663bnqv3dxirmr3svo5zwq7cvu2wdfngujgknyd.onion

kyber

kyblogtz6k3jtxnjjvluee5ec4g3zcnvyvbgsnq5thumphmqidkt7xid.onion

la_piovra

ℹ️ La Piovra Ransomware is an exercise of the company Offensive Security (also known as OffSec)

et22fibzuzfyzgurm35sttm52qbzvdgzy5qhzy46a3gmkrrht3lec5ad.onionh3txev6jev7rcm6p2qkxn2vctybi4dvochr3inymzgif53n2j2oqviqd.onionwx3djgl4cacl6y4x7r4e4mbqrrub24ectue7ixyix2du25nfowtvfiyd.onion

lapsus$

lapsus.cz

leaktheanalyst

leaktheanalyst.fireeye62c3da3fnosymmmcqcty7rl7cjucpbkzaz275a4qs5fgkzhad.onion

lilith

yeuajcizwytgmrntijhxphs6wn5txp2prs6rpndafbsapek3zd4ubcid.onion

linkc

iywqjjaf2zioehzzauys3sktbcdmuzm2fsjkqsblnm7dt6axjfpoxwid.onion

lockbit

lockbitkodidilol.onion

lockbit2

zqaflhty5hyziovsxgqvj2mrz5e5rs6oqxzb54zolccfnvtn5w2johad.onionyq43odyrmzqvyezdindg2tokgogf3pn6bcdtvgczpz5a74tdxjbtk2yd.onionoyarbnujct53bizjguvolxou3rmuda2vr72osyexngbdkhqebwrzsnad.onionlockbitaptstzf3er2lz6ku3xuifafq2yh5lmiqj5ncur6rtlmkteiqd.onionlockbitaptq7ephv2oigdncfhtwhpqgwmqojnxqdyhprxxfpcllqdxad.onion

lockbit3

LockBit, also recognized as LockBit Black or Lockbit 3.0, is one of the largest Ransomware Groups in the world and has orchestrated extensive cyberatt...

lockbitapt2d73krlbewgv27tquljgxr33xbwwsp6rkyieto7u4ncead.onionlockbitapt2yfbt7lchxejug47kmqvqqxvvjpqkmevv4l3azl3gy6pyd.onionlockbitapt34kvrip6xojylohhxrwsvpzdffgs5z4pbbsywnzsbdguqd.onionlockbitapt5x4zkjbcqmz6frdhecqqgadevyiwqxukksspnlidyvd7qd.onionlockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onionlockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onionlockbitaptawjl6udhpd323uehekiyatj6ftcxmkwe5sezs4fqgpjpid.onionlockbitaptbdiajqtplcrigzgdjprwugkkut63nbvy2d5r4w2agyekqd.onionlockbitaptc2iq4atewz2ise62q63wfktyrl4qtwuk5qax262kgtzjqd.onionlockbitapt72iw55njgnqpymggskg5yp75ry7rirtdg4m7i42artsbqd.onionlockbitsupa7e3b4pkn4mgkgojrl5iqgx24clbzc4xm7i6jeetsia3qd.onionlockbitsupdwon76nzykzblcplixwts4n4zoecugz2bxabtapqvmzqqd.onionlockbitsupn2h6be2cnqpvncyhj4rgmnwn44633hnzzmtxdvjoqlp7yd.onionlockbitsupo7vv5vcl3jxpsdviopwvasljqcstym6efhh6oze7c6xjad.onionlockbitsupqfyacidr6upt6nhhyipujvaablubuevxj6xy3frthvr3yd.onionlockbitsupt7nr3fa6e7xyb73lk6bw6rcneqhoyblniiabj4uwvzapqd.onionlockbitsupuhswh4izvoucoxsbnotkmgq6durg7kficg6u33zfvq3oyd.onionlockbitsupxcjntihbmat4rrh7ktowips2qzywh6zer5r3xafhviyhqd.onionlockbitsupq3g62dni2f36snrdb4n5qzqvovbtkt5xffw3draxk6gwqd.onionlockbitsup4yezcd5enk5unncx3zcy7kw6wllyqmiyhvanjj352jayid.onionlockbit7ouvrsdgtojeoj5hvu6bljqtghitekwpdy3b6y62ixtsu5jqd.onionlockbit6knrauo3qafoksvl742vieqbujxw7rd6ofzdtapjb4rrawqad.onionlockbit4lahhluquhoka3t4spqym2m3dhe66d6lr337glmnlgg2nndad.onionlockbit3olp7oetlc4tl5zydnoluphh7fvdt5oa6arcp2757r7xkutid.onionlockbit435xk3ki62yun7z5nhwz6jyjdp2c64j5vge536if2eny3gtid.onionlockbit3g3ohd3katajf6zaehxz4h4cnhmz5t735zpltywhwpc6oy3id.onionlockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id.onionofj3oaltwaf67qtd7oafk5r44upm6wkc2jurpsdyih2c7mbrbshuwayd.onionlockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id.onionlockbitcuo23q7qrymbk6dsp2sadltspjvjxgcyp4elbnbr6tcnwq7qd.onionlockbitw2ygzasbt35ffpdb46r4vkej6flm3siyabaxzdodwpiatfgqd.onionlockbit23xxhej7swdop24cru7ks2w66pw7zgdkydqo6f7wfyfqo7oqd.onionlockbit7ixelt7gn3ynrs3dgqtsom6x6sd2ope4di7bu6e6exyhazeyd.onionlockbitck6escin3p33v3f5uef3mr5fx335oyqon2uqoyxuraieuhiqd.onionlockbitfhzimjqx2v7p2vfu57fpdm5zh2vsbfk5jkjod3k5pszbek7ad.onionlockbiti7ss2wzyizvyr2x46krnezl4xjeianvupnvazhbqtz32auqqd.onionlockbitkwkmhfb2zr3ngduaa6sd6munslzkbtqhn5ifmwqml4sl7znad.onionlockbitqfj7mmhrfa7lznj47ogknqanskj7hyk2vistn2ju5ufrhbpyd.onionlockbit3753ekiocyo5epmpy6klmejchjtzddoekjlnt6mu3qh4de2id.onion

lockbit3_fs

lockbit7z2jwcskxpbokpemdxmltipntwlkmidcll2qirbu7ykg46eyd.onionlockbit7z2mmiz3ryxafn5kapbvbbiywsxwovasfkgf5dqqp5kxlajad.onionlockbit7z2og4jlsmdy7dzty3g42eu3gh2sx2b6ywtvhrjtss7li4fyd.onionlockbit7z355oalq4hiy5p7de64l6rsqutwlvydqje56uvevcc57r6qd.onionlockbit7z36ynytxwjzuoao46ck7b3753gpedary3qvuizn3iczhe4id.onionlockbit7z37ntefjdbjextn6tmdkry4j546ejnru5cejeguitiopvhad.onionlockbit7z3azdoxdpqxzliszutufbc2fldagztdu47xyucp25p4xtqad.onionlockbit7z3ddvg5vuez2vznt73ljqgwx5tnuqaa2ye7lns742yiv2zyd.onionlockbit7z3hv7ev5knxbrhsvv2mmu2rddwqizdz4vwfvxt5izrq6zqqd.onionlockbit7z3ujnkhxwahhjduh5me2updvzxewhhc5qvk2snxezoi5drad.onionlockbit7z4bsm63m3dagp5xglyacr4z4bwytkvkkwtn6enmuo5fi5iyd.onionlockbit7z4cgxvictidwfxpuiov4scdw34nxotmbdjyxpkvkg34mykyd.onionlockbit7z4k5zer5fbqi2vdq5sx2vuggatwyqvoodrkhubxftyrvncid.onionlockbit7z4ndl6thsct34yd47jrzdkpnfg3acfvpacuccb45pnars2ad.onionlockbit7z55tuwaflw2c7torcryobdvhkcgvivhflyndyvcrexafssad.onionlockbit7z57mkicfkuq44j6yrpu5finwvjllczkkp2uvdedsdonjztyd.onionlockbit7z5ehshj6gzpetw5kso3onts6ty7wrnneya5u4aj3vzkeoaqd.onionlockbit7z5hwf6ywfuzipoa42tjlmal3x5suuccngsamsgklww2xgyqd.onionlockbit7z5ltrhzv46lsg447o3cx2637dloc3qt4ugd3gr2xdkkkeayd.onionlockbit7z6choojah4ipvdpzzfzxxchjbecnmtn4povk6ifdvx2dpnid.onionlockbit7z6dqziutocr43onmvpth32njp4abfocfauk2belljjpobxyd.onionlockbit7z6f3gu6rjvrysn5gjbsqj3hk3bvsg64ns6pjldqr2xhvhsyd.onionlockbit7z6qinyhhmibvycu5kwmcvgrbpvtztkvvmdce5zwtucaeyrqd.onionlockbit7z6rzyojiye437jp744d4uwtff7aq7df7gh2jvwqtv525c4yd.onionlockbitfile2tcudkcqqt2ve6btssyvqwlizbpv5vz337lslmhff2uad.onionlockbitnotexk2vnf2q2zwjefsl3hjsnk4u74vq4chxrqpjclfydk4ad.onionlockbit7z2jwcskxpbokpemdxmltipntwlkmidcll2qirbu7ykg46eyd.onionlockbit7z2mmiz3ryxafn5kapbvbbiywsxwovasfkgf5dqqp5kxlajad.onionlockbit7z2og4jlsmdy7dzty3g42eu3gh2sx2b6ywtvhrjtss7li4fyd.onionlockbit7z355oalq4hiy5p7de64l6rsqutwlvydqje56uvevcc57r6qd.onionlockbit7z36ynytxwjzuoao46ck7b3753gpedary3qvuizn3iczhe4id.onionlockbit7z37ntefjdbjextn6tmdkry4j546ejnru5cejeguitiopvhad.onionlockbit7z3azdoxdpqxzliszutufbc2fldagztdu47xyucp25p4xtqad.onionlockbit7z3ddvg5vuez2vznt73ljqgwx5tnuqaa2ye7lns742yiv2zyd.onionlockbit7z3hv7ev5knxbrhsvv2mmu2rddwqizdz4vwfvxt5izrq6zqqd.onionlockbit7z3ujnkhxwahhjduh5me2updvzxewhhc5qvk2snxezoi5drad.onionlockbit7z4bsm63m3dagp5xglyacr4z4bwytkvkkwtn6enmuo5fi5iyd.onionlockbit7z4cgxvictidwfxpuiov4scdw34nxotmbdjyxpkvkg34mykyd.onionlockbit7z4k5zer5fbqi2vdq5sx2vuggatwyqvoodrkhubxftyrvncid.onionlockbit7z4ndl6thsct34yd47jrzdkpnfg3acfvpacuccb45pnars2ad.onion

lockbit5

lockbitsuppyx2jegaoyiw44ica5vdho63m5ijjlmfb7omq3tfr3qhyd.onionlockbitapt67g6rwzjbcxnww5efpg4qok6vpfeth7wx3okj52ks4wtad.onionlockbitynxdcxtuvma5deq5pxtnqoacftuigkk37xjq3whefozdpcuad.onionlockbity44loulvujiaoels7knti2tfsnglclnse22syaa6x3vpqp7yd.onionlockbitqth2ij5cdqmj4cdchoh3etnlbh74utqviwqb5svvhxygnmoqd.onionlockbitotfzuq2lpyydzgbhelps2mcz62cpix4nzpcyaak5444iwfmqd.onionlockbitgf43c7avhx5wesx5ambjgbormhwc2tujsy6lvg6drkjhnjryd.onionlockbitfnszjao7hayqsd424m74k5jxc52hozvabjrut7pjfsfaaaoad.onionlockbitdzdbv5dh6ncf65c22tdgej72sty6ikiieuinibh6icnzrv4yd.onionlockbitbgtyqtgutvasrld5gx23ozo32y4xkjrby6bte3zyvjdlyoxyd.onionlockbitabmbzz652qeqd7yztgugcihpy4s4f6zuqi3jx32rzjylsn7ad.onionlockbit24pegjquuwbmwjlvyivmyaujf33kvlepcxyncnugm3zw73myd.onionlockbityq64mwtobqqcr3iwxs5q4o7iliuv72gbx4vflggj4m4wqekad.onionlockbity3v2rhjjjt6opcgvdrrlvdbrt3p2wqmxmq4cm36cchphdy6qd.onionlockbitnpobu6luzzlxb7br5uyqnmeruwimpjuw2kv442nvxd6sufsad.onionlockbitkybiqhyv64vdaamz7uf2ymjoafyalx3e6spmmsz5xyk5nbcad.onionlockbitjqfuyrkxiie6bcly6ow4sh6lmyuyvyats5hcpe5e6hbuhikyd.onionlockbithn5a2qgf4ojvut3q25yylrauvjxrz6sjdd4teas65osru2lqd.onionlockbitf75dfwq4bsec3iaytf6z5z6dmstx3g35grn74ndxy3py2ozyd.onionlockbitdx4kanolaotenc3nmonlxv5enmhxdh2lk54rirvcdsljfbjyd.onionlockbit7tnu7whmaqnnlmvnoxzejssvr6vkcoovg35encvnp24pikvyd.onionlockbit6vhrjaqzsdj6pqalyideigxv4xycfeyunpx35znogiwmojnid.onion

lockdata

wm6mbuzipviusuc42kcggzkdpbhuv45sn7olyamy6mcqqked3waslbqd.onion

lolnek

mmeeiix2ejdwkmseycljetmpiwebdvgjts75c63camjofn2cjdoulzqd.onionobzuqvr5424kkc4unbq2p2i67ny3zngce3tbdr37nicjqesgqcgomfqd.onionnclen75pwlgebpxpsqhlcnxsmdvpyrr7ogz36ehhatfmkvakeyden6ad.onion

lorenz

Tesorion describes Lorenz as a ransomware with design and implementation flaws, leading to impossible decryption with tools provided by the attackers....

lorenzmlwpzgxq736jzseuterytjueszsvznuibanxomlpkyxk6ksoyd.onionlorenzmlwpzgxq736jzseuterytjueszsvznuibanxomlpkyxk6ksoyd.onion

losttrust

hscr6cjzhgoybibuzn2xud7u4crehuoo4ykw3swut7m7irde74hdfzyd.onion

lunalock

lunalockcccxzkpfovwzifwxcytqkiuak6wzybnniqwxcmpsetpbetid.onionlunachataclss7bvlhk5zxs6pqpunxljeqhrn2bfl6wkhlwqxvgwgayd.onionlunalockcccxzkpfovwzifwxcytqkiuak6wzybnniqwxcmpsetpbetid.onion

lv

LV ransomware group main message: "Here are companies which didn't meet consumer data protection obligations. They rejected to fix their mistakes, the...

rbvuetuneohce3ouxjlbxtimyyxokb4btncxjbo44fbgxqy7tskinwad.onion4qbxi3i2oqmyzxsjg4fwe4aly3xkped52gq5orp6efpkeskvchqe27id.onion

lynx

lynxblog.netlynxch2k5xi35j7hlbmwl7d6u2oz4vp2wqp6qkwol624cod3d6iqiyqd.onionlynxchatly4zludmhmi75jrwhycnoqvkxb4prohxmyzf4euf5gjxroad.onionlynxblogxstgzsarfyk2pvhdv45igghb4zmthnzmsipzeoduruz3xwqd.onionlynxblogxutufossaeawlij3j3uikaloll5ko6grzhkwdclrjngrfoid.onionlynxblogoxllth4b46cfwlop5pfj4s7dyv37yuy7qn2ftan6gd72hsad.onionlynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onionlynxblogco7r37jt7p5wrmfxzqze7ghxw6rihzkqc455qluacwotciyd.onionlynxblogijy4jfoblgix2klxmkbgee4leoeuge7qt4fpfkj4zbi2sjyd.onionlynxblogtwatfsrwj3oatpejwxk5bngqcd5f7s26iskagfu7ouaomjad.onion

madcat

i2gc52bwm2vu2wnohwi3cli7t7hj3y2q7qj3th2bs64h2eej7z5jcgqd.onion

madliberator

k67ivvik3dikqi4gy4ua7xa6idijl4si7k5ad5lotbaeirfcsx4sgbid.onion

malas

malas2urovbyyavjzaezkt5ohljvyd5lt7vv7mnsgbf2y4bwlh72doqd.onion

malekteam

malekteam.ac195.14.123.2.

mallox

This ransomware uses a combination of different crypto algorithms (ChaCha20, AES-128, Curve25519). The activity of this malware is dated to mid-June 2...

wtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onionwtyafjyhwqrgo4a45wdvvwhen3cx4euie73qvlhkhvlrexljoyuklaad.onion

mamona

owt3kwkxod2pvxlv3uljzskfhebhrhoedrh5gqrxyyd6rrco4frzj5ad.onionowt3kwkxod2pvxlv3uljzskfhebhrhoedrh5gqrxyyd6rrco4frzj5ad.onionbdhjur3agrogoxvwobbzpptkxhyewnjrhzqj4ug2dyfhf3dopyvvurid.onion

marketo

marketojbwagqnwx.oniong5sbltooh2okkcb2.onionfvki3hj7uxuirxpeop6chgqoczanmebutznt2mkzy6waov6w456vjuid.onionjvdamsif53dqjycuozlaye2s47p7xij4x6hzwzwhzrqmv36gkyzohhqd.onion

maze

Maze ransomware group is one of the most known ransomware gangs, they targeted organizations worldwide across many industries. Security researchers be...

xfr3txoorcyy7tikjgj5dk3rvo3vsrpyaxnclyohkbfp3h277ap4tiad.onion

mbc

xembshruusobgbvxg4tcjs3jpdnks6xrr6nbokfxadcnlc53yxir22ad.onion

medusa

medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onionmedusakxxtp3uo7vusntvubnytaph4d3amxivbggl3hnhpk2nmus34yd.onionxfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.oniondlmfciajg5s4vliyo5dhs5jyzhi2xr2fnkebul46lpf4xudtqiue4nid.onionkyfiw76eol6ph2mq7pi5e5tdvce37bicddhai62qhdc5ja6jdchz4qqd.onions7lmmhlt3iwnwirxvgjidl6omcblvw2rg75txjfduy73kx5brlmiulad.onion45.9.148.39cx5u7zxbvrfyoj6ughw76oa264ucuuizmmzypwum6ear7pct4yc723qd.onionxfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onionhupxs7ps7md24kpz4lwsbra64abgxjx3pcc2wuca5ibawf2g5hlpfyqd.onion

medusalocker

Medusa is a DDoS bot written in .NET 2.0. In its current incarnation its C&C protocol is based on HTTP, while its predecessor made use of IRC.

qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onionz6wkgghtoawog5noty5nxulmmt2zs7c3yvwr22v4czbffdoly2kl4uad.onion95.143.191.148:3000medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion

meow

meow6xanhzfci2gbkn3lmbqq7xjjufskkdfocqdngt3ltvzgqpsg5mid.oniontotos7fquprkecvcsl2jwy72v32glgkp2ejeqlnx5ynnxvbebgnletqd.onion

metaencryptor

metacrptmytukkj7ajwjovdpjqzd7esg5v3sg344uzhigagpezcqlpyd.onionmetacrpttdfpbm4qoxzcrqqgr6e6zafpazgxm72knmujw2mwvi34rwad.onion

midas

This malware written in C# is a variant of the Thanos ransomware family and emerged in October 2021 and is obfuscated using SmartAssembly. In 2022, Th...

midasbkic5eyfox4dhnijkzc7v7e4hpmsb2qgux7diqbpna4up4rtdad.onion

mindware

Ransomware, potential rebranding of win.sfile.

dfpc7yvle5kxmgg6sbcp5ytggy3oeob676bjgwcwhyr2pwcrmbvoilqd.onion

minteye

85.121.48.68i6575ykikb3yvut4btucoqjshbktouxxyu3eb3ffa3ukvyvtam5y5pqd.onion

mogilevich

dkgn45pinr7nwvdaehemcrpgcjqf4fooit3c4gjw6dhzrp443ctvnoad.onion

moneymessage

blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7aqd.onion

monti

4s4lnfeujzo67fy2jebz2dxskez2gsqj2jeb35m75ktufxensdicqxad.onionmblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion

morpheus

izsp6ipui4ctgxfugbgtu65kzefrucltyfpbxplmfybl5swiadpljmyd.onion

mosesstaff

Cybereason Nocturnus describes Moses Staff as an Iranian hacker group, first spotted in October 2021. Their motivation appears to be to harm Israeli c...

mosesstaffm7hptp.onionmoses-staff.se

mountlocker

mountnewsokhwilx.onion

ms13089

msleakjir7pxbe6onlqe5uwgvdmy6nq4mnwfy7ojswbhnleenm77vgad.onion

mydecryptor

5s4ixqul2enwxrqv.onion

n3tworm

N3tw0rm ransomware group is linked to Iran by many security researchers especially for the fact that the group targeting only Israeli companies. Like ...

n3twormruynhn3oetmxvasum2miix2jgg56xskdoyihra4wthvlgyeyd.onion

nasirsecurity

yzcpwxuhbkyjnyn4qsf4o5dkvu6m2fyo7dwizmnlutanlmzlos7pa6qd.onionnasir.cc

nefilim

According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, whic...

hxt254aygrsziejn.onion

nemty

Nemty is a ransomware that was discovered in September 2019. Fortinet states that they found it being distributed through similar ways as Sodinokibi a...

zjoxyw5mkacojk5ptn2iprkivg5clow72mjkyk5ttubzxprjjnwapkad.onion

netwalker

NetWalker ransomware group operates by the threat actor known as "CIRCUS SPIDER". The NetWalker ransomware was discovered in 2019. The group mainly ta...

rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion

nevada

nevbackvzwfu5yu3gszap77bg66koadds6eln37gxdhdk4jdsbkayrid.onionnevcorps5cvivjf6i2gm4uia7cxng5ploqny2rgrinctazjlnqr2yiyd.onion

nightsky

gg5ryfgogainisskdvh4y373ap3b2mxafcibeh2lvq5x7fx76ygcosad.onion

nightspire

nspireyzmvapgiwgtuoznlafqvlyz7ey6himtgn5bdvdcowfyto3yryd.onionnspireyzmvapgiwgtuoznlafqvlyz7ey6himtgn5bdvdcowfyto3yryd.onionnspireyzmvapgiwgtuoznlafqvlyz7ey6himtgn5bdvdcowfyto3yryd.oniona2lyiiaq4n74tlgz4fk3ft4akolapfrzk772dk24iq32cznjsmzpanqd.oniona2lyiiaq4n74tlgz4fk3ft4akolapfrzk772dk24iq32cznjsmzpanqd.onionnspirebcv4sy3yydtaercuut34hwc4fsxqqv4b4ye4xmo6qp3vxhulqd.onionnspirebcv4sy3yydtaercuut34hwc4fsxqqv4b4ye4xmo6qp3vxhulqd.onionnspiremkiq44zcxjbgvab4mdedyh2pzj5kzbmvftcugq3mczx3dqogid.onionnspiremkiq44zcxjbgvab4mdedyh2pzj5kzbmvftcugq3mczx3dqogid.onionnspire7lugml7ybqyjaaxtsgrs4qn3fcon3lrjbih6wamttvdm5ke4qd.onionnspirep7orjq73k2x2fwh2mxgh74vm2now6cdbnnxjk2f5wn34bmdxad.onionnspirep7orjq73k2x2fwh2mxgh74vm2now6cdbnnxjk2f5wn34bmdxad.onion

nitrogen

nitrogenczslprh3xyw6lh5xyjvmsz7ciljoqxxknd7uymkfetfhgvqd.onion6lrsxvqscxtznb4fhux5u3vbslbanxjzxzgtokjtfwaitxe4pfgfebad.onion

noescape

noescapemsqxvizdxyl7f7rmg5cdjwp33pg2wpmiaaibilb4btwzttad.onionnoescaperjh3gg6oy7rck57fiefyuzmj7kmvojxgvlmwd5pdzizrb7ad.onion

nokoyawa

lirncvjfmdhv6samxvvlohfqx7jklfxoxj7xn3fh7qeabs3taemdsdqd.onion6yofnrq7evqrtz3tzi3dkbrdovtywd35lx3iqbc5dyh367nrdh4jgfyd.onionnoko65rmtaiqyt2cw2h4jrxe3u56t2k7ov3nd22hoji4c5vnfib2i4yd.onionnokoleakb76znymx443veg4n6fytx6spck6pc7nkr4dvfuygpub6jsid.onion

noname

noname2j6zkgnt7ftxsjju5tfd3s45s4i3egq5bqtl72kgum4ldc6qyd.onion

nova

Nova (formerly RALord) is a ransomware-as-a-service (RaaS) group that encrypts victims’files and uses double-extortion tactics to pressure organizatio...

novavdivko2zvtrvtllnq45lxhba2rfzp76qigb4nrliklem5au7czqd.onionnovatd4577pzlvdyy42slydhrhru7fpcflbbxlajcmbfrgzyeis6d3id.onionnovag4k2te3mstt2xq5irywlpaw6edgkpiwgg4t2q7eecisj2qqtvbid.onionnovaoddh3vxylxqpsfdjprliknbzgbkv6nkazpzu3cvykrgpyzuywryd.onionleak7y2247fj7dbb35rpfyxuyaqtwbshiwxp6h35ttzlhrxmhvi4fead.onionnovaxtychr6ohlc4zr5its73p6i7unpuhpwoodtzrg2y4w4seytatlid.onionpifk3xu3vad6cuxsjll4qjomyaaaoyvnyqppro75pazadzctrrvpdnyd.onionnovadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion

obscura

obscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onionobscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onion

onepercent

5mvifa3xq5m7sou3xzaajfz7h6eserp5fnkwotohns5pgbb5oxty3zad.onion

onyx

mrdxtxy6vqeqbmb4rvbvueh2kukb3e3mhu3wdothqn7242gztxyzycid.onion

orca

orca66hwnpciepupe5626k2ib6dds6zizjwuuashz67usjps2wehz4id.onion

orion

cjfntkj5qeizxowuy3srceg7zo6namc3kfeor7pfn6bpdkl3w265ooid.onion

osiris

osirisbm3357xrccnid23nlyuqwzbgqheaei6dxvyi34tbkqr3bmvfid.onionosirisbm3357xrccnid23nlyuqwzbgqheaei6dxvyi34tbkqr3bmvfid.onion

pandora

Pandora ransomware was obtained by vx-underground at 2022-03-14.

vbfqeh5nugm6r2u2qvghsdxm3fotf5wbxb5ltv6vw77vus5frdpuaiid.onionpandoraxyz.xyz

pay2key

Pay2Key is ransomware that has been used by the threat actor Fox Kitten. The group seems to operate since July 2020, targetting mainly Israeli compani...

pay2key2zkg7arp3kv3cuugdaqwuesifnbofun4j6yjdw5ry7zw2asid.onion

payload

payloadrz5yw227brtbvdqpnlhq3rdcdekdnn3rgucbcdeawq2v6vuyd.onionpayloadynyvabjacbun4uwhmxc7yvdzorycslzmnleguxjn7glahsvqd.onion

payloadbin

vbmisqjshn4yblehk2vbnil53tlqklxsdaztgphcilto3vdj4geao5qd.onion

payoutsking

payoutsgn7cy6uliwevdqspncjpfxpmzgirwl2au65la7rfs5x3qnbqd.onion

pear

Pure Extraction And Ransom (PEAR) Team is the community of highly responsible and strictly disciplined members. We are a private team and have nothing...

peargxn3oki34c4savcbcfqofjjwjnnyrlrbszfv6ujlx36mhrh57did.onionpearsmob5sn44ismokiusuld34pnfwi6ctgin3qbvonpoob4lh3rmtqd.onion

play

Initially observed in June 2022, the Play ransomware (a.k.a PlayCrypt) operates through double extortion, targeting numerous organizations in Latin Am...

mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onionk7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onionmbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onionj75o7xvvsm4lpsjhkjvb4wl2q6ajegvabe6oswthuaubbykk4xkzgpid.onion

playboy

vlofmq2u3f5amxmnblvxaghy73aedwta74fyceywr6eeguw3cn6h6uad.onion

projectrelic

relic5zqwemjnu4veilml6prgyedj6phs7de3udhicuq53z37klxm6qd.onion

prolock

PwndLocker is a ransomware that was observed in late 2019 and is reported to have been used to target businesses and local governments/cities. Accordi...

msaoyrayohnp32tcgwcanhjouetb5k54aekgnwg7dcvtgtecpumrxpqd.onion

prometheus

Ransomware written in .NET, apparently derived from the codebase of win.hakbit (Thanos) ransomware.

promethw27cbrcot.onion

promptlock

First known AI-powered ransomware. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua ...

pysa

Mespinosa is a ransomware which encrypts file using an asymmetric encryption and adds .pysa as file extension. According to dissectingmalware the exte...

pysa2bitc5ldeyfak4seeruqymqs4sj5wt5qkcq7aoyg4h2acqieywad.onion

qilin

Qilin ransomware was first observed in July of 2022. Qilin Ransomware is written in Golang and supports multiple encryption modes; all of which are co...

ozsxj4hwxub7gio347ac7tyqqozvfioty37skqilzo2oqfs4cw2mgtyd.onionkbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onionijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onionji57fr53anp7wb44tbbnp72qcgbhqywy4jmbncawdcrejj5amuvh3zqd.onion

qiulong

62brsjf2w77ihz5paods33cdgqnon54gjns5nmag3hmqv6fcwamtkmad.onion

qlocker

gvka2m4qt5fod2fltkjmdk4gxh5oxemhpgmnmtjptms6fkgfzdd62tad.onion

quantum

quantum445bh3gzuyilxdzs5xdepf3b7lkcupswvkryf3n7hgzpxebid.onion22rnyep2aa2exx3fdm26p4onwjfmhciodb55v5l3w4iny7e5bxpg3yad.onion

rabbithole

z5jixbfejdu5wtxd2baliu6hwzgcitlspnttr7c2eopl5ccfcjrhkqid.onion

radar

3bnusfu2lgk5at43ceu7cdok5yv4gfbono2jv57ho74ucjvc7czirfid.onion4q5tsu5o3msmv4am4dfhupwhzlyg7wv3lpswbvbhcrknr4ega7xetxad.onion3bnusfu2lgk5at43ceu7cdok5yv4gfbono2jv57ho74ucjvc7czirfid.onion

radiant

trfqksm6peaeyz4q6egxbij5n2ih6zrg65of4kwasrejc7hnw2jtxryd.onion

ragnarlocker

rgleak7op734elep.onionrgleaktxuey67yrgspmhvtnrqtgogur35lwdrup4d3igtbm3pupc4lyd.onionp6o7m73ujalhgkiv.onionragnarnwvli32xnmwudsvhbl7klzmofxeylyhcqfc5ifx5mbybq3ekqd.onion

ragnarok

According to Bleeping Computer, the ransomware is used in targeted attacks against unpatched Citrix servers. It excludes Russian and Chinese targets u...

wobpitin77vdsdiswr43duntv6eqw4rvphedutpaxycjdie6gg3binad.onionsushlnty2j7qdzy64qnvyb6ajkwg7resd3p6agc2widnawodtcedgjid.onion

ralord

ralordqe33mpufkpsr6zkdatktlu3t2uei4ught3sitxgtzfmqmbsuyd.onionralord3htj7v2dkavss2hjzviviwgsf4anfdnihn5qcjl6eb5if3cuqd.onionralordt7gywtkkkkq2suldao6mpibsb7cpjvdfezpzwgltyj2laiuuid.onionnovazzitmugtbjwuttc5hhsemkmvwh3iyt27oeeunu5mkw62qpfeykid.onion

ramp

wavbeudogz6byhnardd2lkp2jafims3j7tj6k6qnywchn2csngvtffqd.onionrampjcdlqvgkoz5oywutpo6ggl7g6tvddysustfl6qzhr5osr24xxqqd.onionramp4u5iz4xx75vmt6nk5xfrs5mrmtokzszqxhhkjqlk7pbwykaz7zid.onion

rancoz

ze677xuzard4lx4iul2yzf5ks4gqqzoulgj5u4n5n4bbbsxjbfr7eayd.onion

ranion

ranionv3j2o7wrn3um6de33eccbchhg32mkgnnoi72enkpp7jc25h3ad.onion

ransombay

Launched on April 24th, 2025 RansomBay is a new project operating under the DragonForce initiative

mrbay3n14c2wxmhpro5tcdfjpqkeowfucbodic4ix6rzqtoss3ebhid.onion

ransomcartel

u67aylig7i6l657wxmp274eoilaowhp3boljowa6bli63rxyzfzsbtyd.onioncartelirsn5l54ehcbalyyqtfb3j7be2rpvf6ujayaf5qqmg3vlwiayd.onioncartelraqonekult2cxbzzz2ukiff7v6cav3w373uuhenybgqulxm5id.onion

ransomcortex

gg6owuhu72muoelkt2msjrp2llwr2on5634sk5v2xefzmobvryywbhid.onion

ransomed

ransomed.vck63fo4qmdnl4cbt54sso3g6s5ycw7gf7i6nvxl3wcf3u6la2mlawt5qd.onionf6amq3izzsgtna4vw24rpyhy3ofwazlgex2zqdssavevvkklmtudxjad.oniong6ocfx3bb3pvdfawbgrbt3fqoht5t6dwc3hfmmueo76hz46qepidnxid.onion

ransomexx

RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Defray777.

rnsm777cdsjrsdlbs4v5qoeppu3px6sb2igmh53jzrx7ipcrbjz5b2ad.onion

ransomhouse

xw7au5pnwtl6lozbsudkmyd32n6gnqdngitjdppybudan3x3pjgpmpid.onionzohlm7ahjwegcedoz7lrdrti7bvpofymcayotp744qhx6gjmxbuo2yid.onionsecxrosqawaefsio3biv2dmi2c5yunf3t7ilwf54czq3v4bi7w6mbfad.onion

ransomhub

The group emerged in mid-February 2024 and has already listed several organizations as alleged victims of their attacks, resulting from extortion thro...

ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onionransomgxjnwmu5ceqwo2jrjssxpoicolmgismfpnslaixg3pgpe5qcad.onionfpwwt67hm3mkt6hdavkfyqi42oo3vkaggvjj4kxdr2ivsbzyka5yr2qd.onion

ranstreet

ransekgbpijp56bflufgxptwn5hej2rztx423v6sim2zrzz7xetnr2qd.onion

ranzy

Ranzy Locker, Former known as ThunderX. The group hosting a data leak site in the darknet where they posting sensitive information of victims who do n...

37rckgo66iydpvgpwve7b2el5q2zhjw4tv4lmyewufnpx4lhkekxkoqd.onion

raworld

RA Group, also known as RA World, first surfaced in April 2023, utilizing a custom variant of the Babuk ransomware.

raworldw32b2qxevn3gp63pvibgixr4v75z62etlptg3u3pmajwra4ad.onionpa32ymaeu62yo5th5mraikgw5fcvznnsiiwti42carjliarodltmqcqd.onion

raznatovic

RANSOMED.VC aka Raznatovic

ransomed.vcransomed.vcf6amq3izzsgtna4vw24rpyhy3ofwazlgex2zqdssavevvkklmtudxjad.onionf6amq3izzsgtna4vw24rpyhy3ofwazlgex2zqdssavevvkklmtudxjad.onion

rebornvc

ransomed.vcransomed.biz

redalert

blog2hkbm6gogpv2b3uytzi3bj5d5zmc4asbybumjkhuqhas355janyd.onionje2yizds7r4uidk6uixfxwjj5w7or2agit4aj66l4lrhdbrvr3lsymid.onion

redransomware

33zo6hifw4usofzdnz74fm2zmhd3zsknog5jboqdgblcbwrmpcqzzbid.onion

revil

Sodinokibi ransomware group also known as REvil (Ransomware Evil) operates as a ransomware-as-a-service (RaaS) model. After the group compromised his ...

dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onionaplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onionblogxxu75w63ujqarv476otld7cyjkq4yoswzt4ijadkjwvg3vrvd5yd.onion

reynolds

bs2tlg32pfjwmclm22cyngqmoo24cdlhfxzbruwrdaxumisfeory32qd.onion

rhysida

Rhysida is a ransomware-as-a-service (RAAS) group that emerged in May 2023. The group utilizes a namesake ransomware through phishing attacks and Coba...

rhysidafohrhyy2aszi7bm32tnjat5xri65fopcxkdfxhi4tidsg7cad.onionrhysidafohrhyy2aszi7bm32tnjat5xri65fopcxkdfxhi4tidsg7cad.onionrhysidafohrhyy2aszi7bm32tnjat5xri65fopcxkdfxhi4tidsg7cad.onionrhysidafc6lm7qa2mkiukbezh7zuth3i4wof4mh2audkymscjm6yegad.onion

robinhood

robinhoodleaks.tumblr.com

rook

According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files by encrypting them. It also m...

gamol6n6p2p4c3ad7gxmx3ur7wwdwlywebo2azv3vv5qlmjmole2zbyd.onion

royal

According to Trendmicro, Royal ransomware was first observed in September 2022, and the threat actors behind it are believed to be seasoned cybercrimi...

royal2xthig3ou5hd7zsliqagy6yygk2cdelaxtni2fyad6dpmpxedid.onionroyal4ezp7xrbakkus3oofjw6gszrohpodmdnfbe5e4w3og5sm7vb3qd.onion

rransom

t2tqvp4pctcr7vxhgz5yd5x4ino5tw7jzs3whbntxirhp32djhi7q3id.onion

RunSomeWares

rnsmwareartse3m4hjsumjf222pnka6gad26cqxqmbjvevhbnym5p6ad.onionoow7rehrxlzpy6vh3hezl2khstkpa6s7wx3iit74tr6xbjibupld5iad.onionnidzkoszg57upoq7wcalm2xxeh4i6uumh36axsnqnj3i7lep5uhkehyd.onion

sabbath

54bb47h5qu4k7l4d7v5ix3i6ak6elysn3net4by4ihmvrhu7cvbskoqd.onion54bb47h.blog

safepay

nz4z6ruzcekriti5cjjiiylzvrmysyqwibxztk6voem4trtx7gstpjid.onioncqkrkmmivhakl3fwgxscurduu3znmroablt7jskxszkctixyseij5gad.onionnj5qix45sxnl4h4og6hcgwengg2oqloj3c2rhc6dpwiofx3jbivcs6qd.onionj3dp6okmaklajrsk6zljl5sfa2vpui7j2w6cwmhmmqhab6frdfbphhid.onionsafepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onionsafepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onion

sarcoma

sarcomawmawlhov7o5mdhz4eszxxlkyaoiyiy2b5iwxnds2dmb4jakad.onion

satanlockv2

tzhwmgguyxrg6q3tu4q3gvopcjynrhw6ryx2bdl5ghisdkyunfua5xyd.onion

secp0

Encrypted Extension: .vanhelsing, .vanlocker. Targets Windows Platform only

secponewsxgrlnirowclps2kllzaotaf5w2bsvktdnz4qhjr2jnwvvyd.onion

securotrop

securo45z554mw7rgrt7wcgv5eenj2xmxyrsdj3fcjsvindu63s4bsid.onion

SenSayQ

gmixcebhni6c3kcf5m7xxybomaphj7pizoqtxiqmrz5wsh6g6x5s2wqd.onion159.69.60.54.152.89.198.177.

shadow

lc65fb3wrvox6xlyn4hklwjcojau55diqxxylqs4qsfng23ftzijnxad.onion

ShadowByt3$

shadowbyt3s.8bit.cashadowbyt3s.8bit.ca

shaoleaks

crptd5sv5bdz6hovrbkac6mnp3rt7zij62njsqwh5a6ldd3asxdd22qd.onion

shinyhunters

shinypogk4jjniry5qi7247tznop6mxdrdte2k6pdu5cyo43vdzmrwid.onionbreachforums.hnshinypogk4jjniry5qi7247tznop6mxdrdte2k6pdu5cyo43vdzmrwid.oniontoolatedhs5dtr2pv6h5kdraneak5gs3sxrecqhoufc5e45edior7mqd.onion

ShinySp1d3r

Likely associated with the cybercrime group BlingLibra (ShinyHunters)

sh1nysp1d3rxyz123456789abcdefghijklmnopqrstuvwxyz.onion

sicarii

sicari7zpu3mtxqggde7mu3ywppntdqg22arcukvlaihjbfcb2rnktid.onionsicari7zpu3mtxqggde7mu3ywppntdqg22arcukvlaihjbfcb2rnktid.onionsicarilxx2br6esqnhad4w26bcgb5j2snbbnhyo4b6t7kby2oy4x3jad.onion

siegedsec

Not a ransomware group but a hacktivist group that appeared coincidentally days before Russia’s invasion of Ukraine

nv5p2mmpctvyqdyyi5zwh4gnifq2uxdx4etvnmaheqlrw6ordrjwxryd.onion

silent

Unlike many other groups, Silent claims to operate with a high level of anonymity and discretion. According to their own statement, they avoid public ...

silentbgdghp3zeldwpumnwabglreql7jcffhx5vqkvtf2lshc4n5zid.onionoyhxnbth6rtj7gbpfvzucjnne6bjpqzkbkvvnolvtmyiutzthct3udqd.onion

SilentRansomGroup

a former Conti team

business-data-leaks.combusiness-data-leaks.com

sinobi

sinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onionsinobi6ftrg27d6g4sjdt65malds6cfptlnjyw52rskakqjda6uvb7yd.onionsinobi6rlec6f2bgn6rd72xo7hvds4a5ajiu2if4oub2sut7fg3gomqd.onionsinobi6rlec6f2bgn6rd72xo7hvds4a5ajiu2if4oub2sut7fg3gomqd.onionsinobi57mfegeov2naiufkidlkpze263jtbldokimfjqmk2mye6s4yqd.onionsinobia6mw6ht2wcdjphessyzpy7ph2y4dyqbd74bgobgju4ybytmkqd.onionsinobi23i75c3znmqqxxyuzqvhxnjsar7actgvc4nqeuhgcn5yvz3zqd.onionsinobi7sukclb3ygtorysbtrodgdbnrmgbhov45rwzipubbzhiu5jvqd.onionsinobi7l3wet3uqn4cagjiessuomv75aw3bvgah4jpj43od7xndb7kad.onionsinobi6ywgmmvg2gj2yygkb2hxbimaxpqkyk27wti5zjwhfcldhackid.onionsinobia6mw6ht2wcdjphessyzpy7ph2y4dyqbd74bgobgju4ybytmkqd.onionsinobi23i75c3znmqqxxyuzqvhxnjsar7actgvc4nqeuhgcn5yvz3zqd.onionsinobi7sukclb3ygtorysbtrodgdbnrmgbhov45rwzipubbzhiu5jvqd.onionsinobi7l3wet3uqn4cagjiessuomv75aw3bvgah4jpj43od7xndb7kad.onionsinobi6ywgmmvg2gj2yygkb2hxbimaxpqkyk27wti5zjwhfcldhackid.onion

skira

mtgc3qvyedjnfu7cen2zsupdppi5ys5g2hm6xwujvoepw25p4dy6huid.onionmtgc3qvyedjnfu7cen2zsupdppi5ys5g2hm6xwujvoepw25p4dy6huid.onion

slug

3ytm3d25hfzvbylkxiwyqmpvzys5of7l4pbosm7ol7czlkplgukjq6yd.onion

snatch

Snatch is a ransomware which infects victims by rebooting the PC into Safe Mode. Most of the existing security protections do not run in Safe Mode so ...

hl66646wtlp2naoqnhattngigjp5palgqmbwixepcjyq5i534acgqyad.onionsnatch.presssnatchteam.topsnatchteam.ccsnatchnews.top

solidbit

Ransomware, written in .NET.

solidb2jco63vbhx4sfimnqmwhtdjk4jbbgq7a24cmzzkfse4rduxgid.onion

spacebears

5butbkrljkaorg5maepuca25oma7eiwo6a2rlhvkblb4v6mf3ki2ovid.onion

sparta

zj2ex44e2b2xi43m2txk4uwi3l55aglsarre7repw7rkfwpj54j46iqd.onion

spook

spookuhvfyxzph54ikjfwf2mwmxt572krpom7reyayrmxbkizbvkpaid.onion

stormous

3slz4povugieoi3tw7sblxoowxhbzxeju427cffsst5fo2tizepwatid.onionh3reihqb2y7woqdary2g3bmk3apgtxuyhx4j2ftovbhe3l5svev7bdyd.onionpdcizqzjitsgfcgqeyhuee5u6uki6zy5slzioinlhx6xjnsw25irdgqd.onionstmxylixiz4atpmkspvhkym4xccjvpcv3v67uh3dze7xwwhtnz4faxid.onionpdcizqzjitsgfcgqeyhuee5u6uki6zy5slzioinlhx6xjnsw25irdgqd.onion

sugar

Ransomware, written in Delphi.

chat5sqrnzqewampznybomgn4hf2m53tybkarxk4sfaktwt7oqpkcvyd.onion

suncrypt

x2miyuiwpib2imjr5ykyjngdu7v6vprkkhjltrk4qafymtawey4qzwid.onionnbzzb6sa6xuura2z.onion

synack

xqkz2rmrqkeqf6sjbrb47jfwnqxcd4o2zvaxxzrpbh2piknms37rw2ad.onion

teamxxx

tp5cwh6d2b5hekcg6jlhoe6mawa7dlwiv47epvnfmzuaaur2dnaa3uid.onion

tengu

longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion

termite

termiteuslbumdge2zmfmfcsrvmvsfe4gvyudc5j6cdnisnhtftvokid.onion

thegentlemen

tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion

thegreenbloodgroup

scbrksw5fgjtujc2ah42roo6bij2unr2tggfcynpbql5a7yp3s22taid.onion

threeam

A new Ransomware family identified by the name '3AM' or 'ThreeAM' in September 2023. The ransomware operation was observed by the Symantec team, in wh...

threeamkelxicjsaf2czjyz2lc4q3ngqkxhhlexyfcp2o6raw4rphyad.onionthreeam7fj33rv5twe5ll7gcrp3kkyyt6ez5stssixnuwh4v3csxdwqd.onionthreeamkelxicjsaf2czjyz2lc4q3ngqkxhhlexyfcp2o6raw4rphyad.onion

toufan

Pro-Palestinian Group

t.me/CyberToufanBackupt.me/CyberToufan02toufanleaks.orgt.me/CyberToufan

tridentlocker

tridentfrdy6jydwywfx4vx422vnto7pktao2gyx2qdcwjanogq454ad.oniontridentfrdy6jydwywfx4vx422vnto7pktao2gyx2qdcwjanogq454ad.onion

trigona

According to PCrisk, Trigona is ransomware that encrypts files and appends the ._locked extension to filenames. Also, it drops the how_to_decrypt.hta ...

3x55o3u2b7cjs54eifja5m3ottxntlubhjzt6k6htp5nrocjmsxxh7ad.onion6n5tfadusp4sarzuxntz34q4ohspiaya2mc6aw6uhlusfqfsdomavyyd.oniontrigonax2zb3fw34rbaap4cqep76zofxs53zakrdgcxzq6xzt24l5lqd.onionkrsbhaxbki6jr4zvwblvkaqzjkircj7cxf46qt3na5o5sj2hpikbupqd.onion

trinity

txtggyng5euqkyzl2knbejwpm4rlq575jn2egqldu27osbqytrj6ruyd.onion

trisec

orfc3joknhrzscdbuxajypgrvlcawtuagbj7f44ugbosuvavg3dc3zid.onionorfc3joknhrzscdbuxajypgrvlcawtuagbj7f44ugbosuvavg3dc3zid.onionpkk4gbz7lsbgeja6s6iwsan2ce364sqioici65swwt65uhicke65uyid.onion

u-bomb

contiuevxdgdhn3zl2kubpajtfgqq4ssj2ipv6ujw7fwhggev3rk6hqd.onion

underground

undgrddapc4reaunnrdrmnagvdelqfvmgycuvilgwb5uxm25sxawaoqd.onion47glxkuxyayqrvugfumgsblrdagvrah7gttfscgzn56eyss5wg3uvmqd.onion

unknown

tdoe2fiiamwkiadhx2a4dfq56ztlqhzl2vckgwmjtoanfaya4kqvvvyd.oniondarktorhvabc652txfc575oendhykqcllb7bh7jhhsjduocdlyzdbmqd.onion

unsafe

A group which seems to recycle leak from other ransomware groups

unsafeipw6wbkzzmj7yqp7bz6j7ivzynggmwxsm6u2wwfmfqrxqrrhyd.onion

ValenciaLeaks

6doyqxqqj36vnedtt2zwxmngx52mgyp7brbrtwkyd75jgiolocoybgid.onion

VanHelsing

vanhelqmjstkvlhrjwzgjzpq422iku6wlggiz5y5r3rmfdeiaj3ljaid.onionvanhelsokskrlaacilyfmtuqqa5haikubsjaokw47f3pt3uoivh6cgad.onionvanhelxjo52qr2ixcmtjayqqrcodkuh36n7uq7q7xj23ggotyr3y72yd.onionvanhelvuuo4k3xsiq626zkqvp6kobc2abry5wowxqysibmqs5yjh4uqd.onionvanhelwmbf2bwzw7gmseg36qqm4ekc5uuhqbsew4eihzcahyq7sukzad.onionvanheltarnbfjhuvggbncniap56dscnzz5yf6yjmxqivqmb5r2gmllad.onionvanhelcbxqt4tqie6fuevfng2bsdtxgc7xslo2yo7nitaacdfrlpxnqd.onion

vanirgroup

6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion

vect

bu7zr6fotni3qxxoxlcmpikwtp5mjzy7jkxt7akflnm2kwkbdtgtjuid.onionvectordntlcrlmfkcm4alni734tbcrnd5lk44v6sp4lqal6noqrgnbyd.onion

vendetta

Ransomware, which appears to be a rebranding of win.cuba.

test.cuba4ikm4jakjgmkezytyawtdgr2xymvy6nvzgw5cglswg3si76icnqd.onion

vfokx

vfokxcdzjbpehgit223vzdzwte47l3zcqtafj34qrr26htjo4uf3obid.onion746pbrxl7acvrlhzshosye3b3udk4plurpxt2pp27pojfhkkaooqiiqd.onion

vicesociety

Vice Society ransomware appends the .v-society extension when encrypting Linux machines. Running a leak site on the darkweb, Possible relations with "...

4hzyuotli6maqa4u.onionvsociethok6sbprvevl4dlwbqrzyhxcxaqpvcqt5belwvsuxaxsutyad.onionecdmr42a34qovoph557zotkfvth4fsz56twvwgiylstjup4r5bpc4oad.onionwmp2rvrkecyx72i3x7ejhyd3yr6fn5uqo7wfus7cz7qnwr6uzhcbrwad.onionssq4zimieeanazkzc5ld4v5hdibi2nzwzdibfh5n5w4pw5mcik76lzyd.onionml3mjpuhnmse4kjij7ggupenw34755y4uj7t742qf7jg5impt5ulhkid.onion

walocker

weepangrbqjfsxd2noz4bmolztnqsma3vw4c6qfnbfusadzd2m26emqd.onion

wannacry

WannaCry ransomware is a cyber attack that spreads by exploiting vulnerabilities in the Windows operating system. At its peak in May 2017, WannaCry be...

none.

warlock

The Warlock ransomware and operator(s) are believed to be attributed to Storm-2603, a China-based threat actor who is also known to have deployed Lock...

elqfbcx5nofwtqfookqml7ltx2g6q6tmddys6e25vgu3al2meim6cbqd.onionzfytizegsze6uiswodhbaalyy5rawaytv2nzyzdkt3susbewviqqh7yd.onionocwjy4ynmpbbzhumh2ama2vl3bc77lf5auqf7nf4k45lbmzoep2rbyid.onionwarlockhga5iw3t54ps5iytlilf7hlvxy7kwrkidspn4qoh64s4vsuyd.onion

werewolves

werewolves.proweerwolven.biz

weyhro

xtxtpqpyaaek4p4525ksepyyy75gfvi47fptm2gftw7cn656rnfhzdqd.onionweyhro.hkweyhro27ruifvuqkk3hxzcrtxv2lsalntxgkv6q2j3znkhdqudz54rqd.onionweyhro27ruifvuqkk3hxzcrtxv2lsalntxgkv6q2j3znkhdqudz54rqd.onionweyhro.hk

worldleaks

World Leaks emerged in January 2025 as a rebrand of the Hunters International ransomware operation, shifting its focus from file encryption to solely ...

worldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onionworldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onion

x001xs

nalr2uqsave7y2r235am5jsfiklfjh5h4jc5nztu3rzvmhklwt5j6kid.onion

xinglocker

xingnewj6m4qytljhfwemngm7r7rogrindbq7wrfeepejgxc3bwci7qd.onion

xinof

wj3b2wtj7u2bzup75tzhnso56bin6bnvsxcbwbfcuvzpc4vcixbywlid.onion

xp95

37lfmtakhknzx5t6k57ieijkiqrc4c3kpimfvrmafva25ut2tknvw3yd.onion

yanluowang

According to PCrisk, Yanluowang is ransomware that encrypts (and renames) files, ends all running processes, stops services, and creates the README.tx...

jukswsxbh3jsxuddvidrjdvwuohtsy4kxg2axbppiyclomt2qciyfoad.onion

yurei

fewcriet5rhoy66k6c4cyvb2pqrblxtx4mekj3s5l4jjt4t4kn4vheyd.onion

zeon

zeonrefpbompx6rwdqa5hxgtp2cxgfmoymlli3azoanisze33pp3x3yd.onion

zerolockersec

ghfuviaplse6nbeowu7ghhid5hdowutbwbrv77aqgwco2b2ntgj3auad.onion

zerotolerance

zhuobnfsddn2myfxxdqtpxk367dqnntjf3kq7mrzdgienfxjyllq4rqd.onion

ALP-001

⚠️ The group appears unreliable. Most, if not all, of its alleged victims cannot be verified. WE HAVE DECIDED TO REMOVE ENTRIES FOR THIS GROUP

b4riuxx7ypobdptctf6lyfcvgi6vn74iurzdh4kn2agbk7472dvywgyd.onion

netrunner

netrunrsb3bivj5gnwajzxlig5qkteb6edgthxj7fmsvhkzxtwfxwaad.onion

krybit

krybitxdpxohsmjooeb3gbgpmdddreh6mnflzac6bnezz74b7yje67yd.onionkrybitx3fh5krdnhegyp2ob3lhizsaiadturtio3ginf7it5gsdgu2yd.onionkrybitqsdzwmhnitvwuhvsntfgf2wrhxveyxroxpc44c6gkft2cqldyd.onionkrybitqsdzwmhnitvwuhvsntfgf2wrhxveyxroxpc44c6gkft2cqldyd.

Datos externos, no correlacionados directamente con nuestros sensores

Ransomware.live