Ransomware Groups

Track active ransomware operations, dark web infrastructure, and associated threat actors

637
Ransomware Groups

Space Bears

1 site2026

Gunra

10 sites2025

Suncrypt

2 sites1 actor2021
SunCrypt Gang

Jo Of Satan

1 site2021

Arvinclub

2 sites2022

Playboy

2 sites2024

Zircon

1 site2025

Weaxor

1 site2024

Telegram

Bluesky

1 site2023

Malphas

Ghost

1 actor
UTG-Q-015

Evolution

1 site2026

Toufan

Pro-Palestinian Group

4 sites2026

Cryptnet

According to OALabs, this ransomware has the following features: * Files are encrypted with AES CBC using a generated 256 bit key and IV.* The generated AES keys are encrypted using a hard coded RSA key and appended to the encrypted files.

2 sites2023

Diavol

A ransomware with potential ties to Wizard Spider.

1 site2 actors2022
Wizard Spider, Gold BlackburnWIZARD SPIDER

Noescape

2 sites2023

Ragnarlocker

11 sites3 actors2021
FIN8UNC2447+1

Doppelpaymer

Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore original files. It is recognizable by its trademark file extension added to encrypted files: .doppeled. It also creates a note file named: ".how2decrypt.txt".

2 sites1 actor2022
Doppel Spider

Frozen

Mcrypt2019

Kawa

1 site2025

Cry0

2 sites2026

Killsec3

2 sites2026
Showing 121 - 144 of 637
PreviousNext
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001