Mamona

Ransomware Group Profile

Overview

Mamona was a short-lived ransomware rebrand attempted by the operator behind BlackLock RaaS in March 2025 that failed before reverting; as a standalone strain it operates entirely offline with no C2 communication, uses custom encryption, and targets Windows systems.

Dark Web Infrastructure (3)
owt3kwkxod2pvxlv3uljzskfhebhrhoedrh5gqrxyyd6rrco4frzj5ad.onion
185.158.113.114.
bdhjur3agrogoxvwobbzpptkxhyewnjrhzqj4ug2dyfhf3dopyvvurid.onion
Activity Timeline
First Seen2025
Last Seen2025
Leak Sites3
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001