Karakurt

Ransomware Group Profile

Overview

Karakurt is a pure data-extortion group (no encryption) assessed with high confidence to be the extortion arm of the Conti ransomware group, active from 2021, that steals data and threatens to auction or publish it unless ransoms ranging from $25,000 to $13 million are paid.

Dark Web Infrastructure (9)
3f7nxkjway3d223j27lyad7v5cgmyaifesycvmwq7i7cbs23lb6llryd.onion
www.karanews.live
karakurt.tech
karaleaks.com
omx5iqrdbsoitf3q4xexrqw5r5tfw7vp3vl3li3lfo7saabxazshnead.onion
53dxw3yoeirahqn263a7ihzv2hhsjzdgvwqxdcuujlsrctmqzsph6tid.onion
jo7jezin3bmprlivyleqfv7rq3j4m36hd7bf2bguabxf2rlyrvrjwhad.onion
nrulhk2lbzt7jw6tnsq6gkjrn37j7uwfu5oxbuxezgherhuhakl2tqid.onion
t5sb509msc3q4ls06o1g8e4egfxl1o7e79yvlldakfphc0nf7rwiyphv.onion
Activity Timeline
First Seen2023
Last Seen2026
Leak Sites9
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001