Ransomware Groups
Track active ransomware operations, dark web infrastructure, and associated threat actors
Proxima
Spook
Qiulong
Blackbasta
"Black Basta" is a new ransomware strain discovered during April 2022 - looks in dev since at least early February 2022 - and due to their ability to quickly amass new victims and the style of their negotiations, this is likely not a new operation but rather a rebrand of a previous top-tier ransomware gang that brought along their affiliates.
Ransomedvc2
Lockbit4
Zeoticus
Punisher
Inc Ransom
Freeworld
Tycoon
Siegedsec
Not a ransomware group but a hacktivist group that appeared coincidentally days before Russia’s invasion of Ukraine
Yurei
Bluebox
Aptlock
Sinobi
Darkwave
Datakeeper
Lokilocker
Donex
Losttrust
Kraken
Lorenz
Tesorion describes Lorenz as a ransomware with design and implementation flaws, leading to impossible decryption with tools provided by the attackers. A free decryptor for 2021 versions was made available via the NoMoreRansom initiative. A new version of the malware was discovered in March 2022, for which again was provided a free decryptor, while the ransomware operators are not able to provide tools to decrypt affected files.