Snatch

Ransomware Group Profile

Overview

Snatch is a ransomware which infects victims by rebooting the PC into Safe Mode. Most of the existing security protections do not run in Safe Mode so that it the malware can act without expected countermeasures and it can encrypt as many files as it finds. It uses common packers such as UPX to hide its payload.

Dark Web Infrastructure (11)
hl66646wtlp2naoqnhattngigjp5palgqmbwixepcjyq5i534acgqyad.onion
snatch.press
snatchteam.cc
snatchnews.top
snatch6rpvi7yy4t.onion
snatch2q72f2wjff.onion
snatchh5ssxiorrn.onion
snatch6brk4nfczg.onion
snatchwezarcr27t.onion
snatch24uldhpwrm.onion
snatchteam.top
Associated Threat Actors (2)
TA505, Graceful Spider, Gold EvergreenTA554
Activity Timeline
First Seen2022
Last Seen2026
Leak Sites11
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001