Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Karma

| RaaS

Karma is a ransomware group first observed in mid-2021, part of a lineage tracing back through Nefilim and FiveHands, operating double-extortion attacks against enterprises in healthcare, manufacturing, and technology; the group was managed by threat actor "farnetwork" who ran multiple RaaS programs across related strains.

Victims
7
 
First Discovered
2021-10-04
victim
Last Discovered
2021-10-04
victim
Inactive Since
4yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
0
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Karma Leaks No 2026-04-28T07:24:20 3nvzqyo6l4wkrzumzu5aod7zbosq4ipgf7ifgj3hsvbcr5vcasordvqd.onion
Target
Top 5 Activity Sectors
  • Technology 3
  • Manufacturing 2
  • Consumer Services 1
Top 5 Countries
Heatmap
Ransom Notes (1)
YARA Rules (1)
Indicators of Compromise (IoCs) (3)
Email 3
Type IOC
Email kirklord1967@tutanota.com
Email leonardred1989@protonmail.com
Email mikedillov1986@onionmail.org
Victims (7)
Logo
Our first post
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
Saurer. Part 1.
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
Align Technology. Part 1.
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
The next leak will be of a multi billion dollar cosmetics and fragrance company.
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
Align Technology. Part 2.
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
SI Group. Part 1.
Karma
Discovered: 2021-10-04 (4y ago)
No description available
Logo
YASH Technologies. Part 1.
Karma
Discovered: 2021-10-04 (4y ago)
No description available