Payloadbin

Ransomware Group Profile

Overview

PayloadBIN is a ransomware strain deployed in 2021 by Evil Corp as a rebranding of their WastedLocker/Hades/Phoenix lineage, specifically designed to evade US Treasury OFAC sanctions by impersonating the unrelated Babuk gang's rebrand rather than operating as an independent group.

Dark Web Infrastructure (1)
vbmisqjshn4yblehk2vbnil53tlqklxsdaztgphcilto3vdj4geao5qd.onion
Associated Threat Actors (1)
Indrik Spider
Activity Timeline
First Seen2022
Last Seen2022
Leak Sites1
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001