Redalert

Ransomware Group Profile

Overview

RedAlert (also called N13V) is a ransomware group first observed in July 2022 that targets both Windows and Linux VMware ESXi servers, encrypting virtual machine files using the NTRUEncrypt algorithm and accepting only Monero for payment, conducting double-extortion attacks against corporate networks.

Dark Web Infrastructure (6)
blog2hkbm6gogpv2b3uytzi3bj5d5zmc4asbybumjkhuqhas355janyd.onion
qrcxhs4x2n4a65rk3zbwm5hu6475bi4w2mdjhfmusovnjc6hc6qcv3ad.onion
ocsmkribkmoij3uhvhxlpxlpebqhzo5uingee7mvebnv57jqya745uyd.onion
ybxtfftwy2iwfqjy7fvvcrt5sd55fx3sk2yuztbx3y2dxb4dvqdhsiid.onion
gwvueqclwkz3h7u75cks2wmrwymg3qemfyoyqs7vexkx7lhlteagmsyd.onion
je2yizds7r4uidk6uixfxwjj5w7or2agit4aj66l4lrhdbrvr3lsymid.onion
Activity Timeline
First Seen2022
Last Seen2024
Leak Sites6
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001