Ransomware Groups

Track active ransomware operations, dark web infrastructure, and associated threat actors

637
Ransomware Groups

Ailock

10 sites2025

Darkhav0C

1 site2025

Ako

A Windows ransomware that will run certain tasks to prepare the target system for the encryption of files. MedusaLocker avoids executable files, probably to avoid rendering the targeted system unusable for paying the ransom. It uses a combination of AES and RSA-2048, and reportedly appends extensions such as .encrypted, .bomber, .boroff, .breakingbad, .locker16, .newlock, .nlocker, and .skynet.

1 site2021

Naga

1 site2025

Cryptbb

2 sites2023

The Gentlemen

2 sites2025

Datacarry

1 site2026

Mount Locker

1 site2021

Bytesfromheaven

1 site2025

Leaknet

3 sites2025

Sarcoma

10 sites2025

Obscura

1 site2026

A1Project

Alp 001

2 sites2026

Sphinx

1 site2025

Werewolves

3 sites2026

Blackhunt

1 site2025

Hellokitty

Unit42 states that HelloKitty is a ransomware family that first surfaced at the end of 2020, primarily targeting Windows systems. The malware family got its name due to its use of a Mutex with the same name: HelloKittyMutex. The ransomware samples seem to evolve quickly and frequently, with different versions making use of the .crypted or .kitty file extensions for encrypted files. Some newer samples make use of a Golang packer that ensures the final ransomware code is only loaded in memory, most likely to evade detection by security solutions.

2 sites1 actor2021
UNC2447

Dharma

Lsd

1 site1 actor2026
Rocke, Iron Group

Dunghill

7 sites2024

Nova

Nova (formerly RALord) is a ransomware-as-a-service (RaaS) group that encrypts victims’files and uses double-extortion tactics to pressure organizations into paying for decryption and data non-disclosure.

13 sites2025

Oceans

Slam

5 sites2025
Showing 73 - 96 of 637
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Setup in 5 minutesSOC 2 & ISO 27001