Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Cephalus

Cephalus is a ransomware group active from mid-2025 that leverages stolen RDP credentials to deploy a Go-based ransomware payload via DLL sideloading, targeting law firms, healthcare, financial services, and IT firms across the US and Japan with 19 known victims.

Victims
19
 
First Discovered
2025-08-26
victim
Last Discovered
2025-08-29
victim
Inactive Since
257
days
Avg Delay
32.5
days
Infostealer
5.3%
victims with domain
Countries
5
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (2)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Cephalus No 2026-04-28T07:22:58 cephalus6oiypuwumqlwurvbmwsfglg424zjdmywfgqm4iehkqivsjyd.onion
favicon Cephalus No 2026-04-28T07:25:19 46.17.42.64.
Target
Top 5 Activity Sectors
  • Business Services 5
  • Healthcare 4
  • Financial Services 2
  • Technology 2
  • Manufacturing 1
Top 5 Countries
  • US flag United States 13
  • GB flag United Kingdom 2
  • IE flag Ireland 1
  • NL flag Netherlands 1
  • JP flag Japan 1
Heatmap
YARA Rules (1)
Indicators of Compromise (IoCs) (1)
IP Address 1
Type IOC
IP Address 46.17.42.64
Victims (19)
Logo
One-LUX GB
Cephalus
Discovered: 2025-08-29 (8mo ago)
coming soon…
Logo
Shropdoc GB
Cephalus
Discovered: 2025-08-29 (8mo ago)
coming soon…
Logo
Shelbourne Accountants IE
Cephalus
Discovered: 2025-08-29 (8mo ago)
coming soon...…
Logo
Delta Information Systems US
Cephalus
Discovered: 2025-08-29 (8mo ago)
We have got all the software and hardware code,and got 800G+ of internal data. The link will coming …
Logo
Colorado Health Network Inc US
Cephalus
Discovered: 2025-08-28 (8mo ago)
900G+ data coming soon…
Logo
Texas Pregnancy Care Network US
Cephalus
Discovered: 2025-08-28 (8mo ago)
coming soon…
Logo
wilderlawfirm US
Cephalus
Discovered: 2025-08-28 (8mo ago)
coming soon…
Logo
CoCo Yachts NL
Cephalus
Discovered: 2025-08-28 (8mo ago)
We got a total of 1.8TB+ of data,including project,clients,employee information,and a certain countr…
Logo
txpregnancy.org - Fake Abortion Clinics Exposed US
Cephalus
Discovered: 2025-08-26 (8mo ago)
coming soon…
Logo
Town of Vienna, VA US
Cephalus
Discovered: 2025-08-26 (8mo ago)
coming soon…
Logo
Lewis Baach Kaufmann Middlemiss PLLC US
Cephalus
Discovered: 2025-08-26 (8mo ago)
coming soon…
Logo
Lee & Associates US
Cephalus
Discovered: 2025-08-26 (8mo ago)  ·  Attack est.: 2025-08-20
Lee & Associates DATA LEAK | (TB)…
Logo
Sherman, Silverstein, Kohl, Rose & Podolsky, P.A. US
Cephalus
Discovered: 2025-08-26 (8mo ago)
SSKRPLAW DATA LEAK | (5GB+ ZIP)…
Logo
Guerrero Mears LLP US
Cephalus
Discovered: 2025-08-26 (8mo ago)
Guerrero Mears LLP DATALEAK | (FORGOT THE SIZE)…
Logo
LPL Financial US
Cephalus
Discovered: 2025-08-26 (8mo ago)
LPL Financial DATA LEAK | (I FORGOT THE SIZE,BUT ITS HUGE)…
Logo
K Strategies Marketing and Public Relations US
Cephalus
Discovered: 2025-08-26 (8mo ago)
K Strategies Marketing and Public Relations LEAK | 900+GB…
Logo
BAR Architects & Interiors
Cephalus
Discovered: 2025-08-26 (8mo ago)
BAR Architects & Interiors DATA LEAK | 1.5T+…
Logo
SystemExec Co., Ltd. JP
Cephalus
Discovered: 2025-08-26 (8mo ago)
SystemExec Co., Ltd. (システムエグゼ) GitLab naked repo leak | 30G+…
Logo
CareSTL Health US
Cephalus
Discovered: 2025-08-26 (8mo ago)  ·  Attack est.: 2025-06-28
CareSTL Health DATA Leak | 500+GB | KAWA4096 STEALED our data…