Ransomware Group: Hellcat







Sites

Title: HELLCAT
Available: 🟢
Last Visit: 2025-01-18 03:01:25.639592
FQDN: hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion


7 Victims


Car Care Plan - Turkey 


Discovery Date: 2024-12-26 00:47

Sector: Financial
We have successfully stolen over 50 GB of data from Car Care Plan, including financial records with sensitive information, legal documents and statements, customer records, along with internal documents and records. All the data has been encrypted, and without our decryption key, it is almost impossible to decrypt. To ensure the return of this data, we are demanding a ransom of 0.5 BTC. The deadline for this payment is fast approaching. Once the payment is received, the decryption key will be provided, and the data will be returned without delay. It is up to Car Care Plan to act accordingly.


Sistem Informasi Pengelolaan Keuangan Daerah (SIPKD) 


Discovery Date: 2024-12-25 13:10

Sector: Government
We have successfully stolen 82 GB of data, including backups, from the e-Finance system of Blora Regency, known as the Sistem Informasi Pengelolaan Keuangan Daerah (SIPKD). The data spans from 2018 to the present and remains in our possession. To ensure its safe return, we are demanding 1.5 BTC. The deadline for this payment is fast approaching. Once the payment is received, the data will be returned without further delay. The terms are clear, and it is up to Blora Regency's authorities to act accordingly.


Pinger - USA 


Discovery Date: 2024-12-25 13:10

We have successfully breached Pinger, obtaining 111 GB of sensitive data. This includes over 9 million user records, private messages, voice messages, internal tools such as phone number lookup and notification sender, backend systems, and source codes. Since the ransom was not paid, all the data has been publicly released.


College of Business - Tanzania 


Discovery Date: 2024-11-04 15:24

Sector: Education
We have released over 500,000 records from Tanzania’s College of Business Education, containing student names, phone numbers, emails, and additional data, including possible billing information.


Ministry of Education - Jordan 


Discovery Date: 2024-11-04 15:24

Sector: Education
We have successfully accessed and compromised a range of sensitive documents from Jordan's Ministry of Education. This includes images of identification cards, divorce papers, and various letters addressed to the Minister.


Schneider Electric - France 


Discovery Date: 2024-11-04 15:24

Sector: Energy
[AI generated] Schneider Electric, based in France, is a global leader in energy management and automation. The company focuses on digital transformation by integrating world-leading process and energy technologies. It provides solutions for homes, buildings, data centers, infrastructure, and industries, enhancing efficiency and sustainability. Schneider Electric emphasizes innovation and sustainability in its offerings.


The Knesset - Israel 


Discovery Date: 2024-10-25 08:53

Sector: Government
We have successfully compromised the Knesset's secure networks and extracted 64GB of sensitive data. This includes internal communications and confidential documents.
