Ransomcartel

Ransomware Group Profile

Overview

Ransom Cartel is a ransomware-as-a-service operation that surfaced in December 2021, assessed by Palo Alto Unit 42 to share source code and technical overlap with the defunct REvil group, suggesting its operators had prior access to REvil's codebase, conducting double-extortion attacks against corporate networks.

Dark Web Infrastructure (3)
u67aylig7i6l657wxmp274eoilaowhp3boljowa6bli63rxyzfzsbtyd.onion
cartelraqonekult2cxbzzz2ukiff7v6cav3w373uuhenybgqulxm5id.onion
cartelirsn5l54ehcbalyyqtfb3j7be2rpvf6ujayaf5qqmg3vlwiayd.onion
Activity Timeline
First Seen2022
Last Seen2025
Leak Sites3
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001