Obscura

Ransomware Group Profile

Overview

Obscura is a ransomware strain observed in 2025, written in Go and specifically targeting Windows domain controllers via the SYSVOL/NETLOGON share, using Curve25519 + XChaCha20 encryption with double-extortion tactics and a 10-day payment deadline.

Dark Web Infrastructure (1)
obscurad3aphckihv7wptdxvdnl5emma6t3vikcf3c5oiiqndq6y6xad.onion
Activity Timeline
First Seen2026
Last Seen2026
Leak Sites1
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001