Ransomware.live - Group : Nefilim

Ransomware Group:

Nefilim

Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how compromised credentials are impacting your business

According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, which was switched to email communications for payments. Uses AES-128, which is then protected RSA2048.

Sites

Title	Available	Last Visit	FQDN	Screenshot
None	🔴	2021-05-01 00:00:00.000000	hxt254aygrsziejn.onion	N/A

Ransom Note(s)

Click here to see Ransom Note(s)

Activity over time

15 Victims

Atlanta Allergy & Asthma. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

Grimmway Farms. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

Elliott Group / Cascade Engineering / Unitex Textile Rental Services. Teaser.

Discovery Date: 2021-09-09 23:46

Sector:

Seven Seas. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

The MADSACK Media Group. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

Tegut. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

TPG Internet. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

Saipa Press. Part 1.

Discovery Date: 2021-09-09 23:46

Sector:

Tegut. Part 2.

Discovery Date: 2021-09-09 23:46

Sector:

The MADSACK Media Group. Part 2.

Discovery Date: 2021-09-09 23:46

Sector:

Whirlpool

Discovery Date: 2020-12-01 00:00

Sector: Critical Manufacturing

DKA (refrigeration and air conditioning specialist, Dussmann Group subsidiary)

Discovery Date: 2020-07-27 00:00

Sector: Critical Manufacturing

Orange (mobile operator)

Discovery Date: 2020-07-04 00:00

Sector: Communication

Fisher and Paykel Appliances

Discovery Date: 2020-06-01 00:00

Sector: Critical Manufacturing

Toll Group

Discovery Date: 2020-05-05 00:00

Sector: Transportation Systems

×

Infostealer information available for

Employees(s)	Customer(s)	Third Party Employee(s)

This information is provided by HudsonRock