Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Ragnarlocker

Ragnar Locker was an elite ransomware group active from December 2019 to October 2023 that targeted large enterprises and critical infrastructure — including Capcom and Campari — claiming at least 168 victims before being taken down by a Europol-led international law enforcement operation in October 2023.
External information

Victims
128
 
First Discovered
2020-04-01
victim
Last Discovered
2023-10-11
victim
Inactive Since
2yrs
more than
Avg Delay
10
days
Infostealer
14.3%
victims with domain
Countries
6
hit
View Victims on World Map View Group Statistics
Known Locations (4)
Favicon Title Type Available Last Visit Server Info FQDN
favicon No 2026-04-28T07:21:17 rgleak7op734elep.onion
favicon This site has been seized Yes 2026-05-18T23:17:58 NGINX nginx 1.28.3 rgleaktxuey67yrgspmhvtnrqtgogur35lwdrup4d3igtbm3pupc4lyd.onion
favicon No 2026-04-28T07:21:19 p6o7m73ujalhgkiv.onion
favicon This site has been seized Yes 2026-05-18T23:18:42 NGINX nginx 1.28.3 ragnarnwvli32xnmwudsvhbl7klzmofxeylyhcqfc5ifx5mbybq3ekqd.onion
Target
Top 5 Activity Sectors
  • Manufacturing 25
  • Technology 14
  • Agriculture and Food Production 9
  • Energy 9
  • Business Services 9
Top 5 Countries
  • FR flag France 3
  • GB flag United Kingdom 1
  • BZ flag Belize 1
  • IT flag Italy 1
  • US flag United States 1
Heatmap
Ransom Notes (2)
Tools Used
This information is provided by Ransomware-Tool-Matrix
Discovery RMM Tools Defense Evasion Credential Theft OffSec Networking LOLBAS Exfiltration
Advanced Port Scanner
Dsquery
PsInfo
SoftPerfect LanSearchPro
AnyDesk
Remote Manipulator System (RMS)
RemoteUtilities
VirtualBox
Cobalt Strike
PsExec
WMIC
TTPs Matrix (9)
This information is provided by Crocodyli & Ransomware.live
Initial Access Execution Defense Evasion Credential Access Discovery Lateral Movement Exfiltration Command and Control Impact
Valid Accounts Command and Scripting Interpreter: PowerShell Virtualization/Sandbox Evasion: System Checks OS Credential Dumping System Information Discovery Remote Services: Remote Desktop Protocol Exfiltration Over Web Service Application Layer Protocol: Web Protocols Data Encrypted for Impact
Exploit Public-Facing Application   Disable or Modify Tools   Network Share Discovery       Inhibit System Recovery
YARA Rules (1)
Victims (128)
Logo
Scotbeef Ltd. - Leaks
Ragnarlocker
Discovered: 2023-10-11 (2y ago)
No description available
Logo
Eicon Controle Inteligentes
Ragnarlocker
Discovered: 2023-10-11 (2y ago)
No description available
Logo
International Presence Ltd - Leaked
Ragnarlocker
Discovered: 2023-10-06 (2y ago)
No description available
Logo
Learning Partnership West - Leaked GB
Ragnarlocker
Discovered: 2023-10-05 (2y ago)
No description available
Logo
Groupe Fructa Partner - Leaked
Ragnarlocker
Discovered: 2023-10-03 (2y ago)
No description available
Logo
Network Pacific Real Estate - Leak
Ragnarlocker
Discovered: 2023-09-30 (2y ago)
No description available
Logo
Astre - Leaked
Ragnarlocker
Discovered: 2023-09-30 (2y ago)
No description available
Logo
Stratesys Full data leak
Ragnarlocker
Discovered: 2023-09-25 (2y ago)
No description available
Logo
Announcement: COMECA Group going to be Leaked
Ragnarlocker
Discovered: 2023-09-22 (2y ago)
No description available
Logo
Announcement: Skatax Accounting company going to be leaked
Ragnarlocker
Discovered: 2023-09-22 (2y ago)
No description available
Logo
Retail House - Full Leak
Ragnarlocker
Discovered: 2023-09-22 (2y ago)
No description available
Logo
Announcement: Stratesys solutions going to be leaked
Ragnarlocker
Discovered: 2023-09-21 (2y ago)
No description available
Logo
Announcement: Stratesys solutions going to b
Ragnarlocker
Discovered: 2023-09-21 (2y ago)
No description available
Logo
Announcement: Groupe Fructa Partner will be leaked soon
Ragnarlocker
Discovered: 2023-09-19 (2y ago)
No description available
Logo
CITIZEN company LEAKED
Ragnarlocker
Discovered: 2023-09-18 (2y ago)  ·  Attack est.: 2023-09-17
No description available
Logo
Announcement: Retail House going to be LEAKED
Ragnarlocker
Discovered: 2023-09-17 (2y ago)
No description available
Logo
Updates: Israel "MYMC"
Ragnarlocker
Discovered: 2023-09-15 (2y ago)
No description available
Logo
Israel Medical Center - leaked
Ragnarlocker
Discovered: 2023-09-06 (2y ago)
No description available
Logo
DOIT - Canadian IT company allowed leak of its own clients.
Ragnarlocker
Discovered: 2023-09-02 (2y ago)
No description available
Logo
Batesville didn't react on appeal and allows Full Leak
Ragnarlocker
Discovered: 2023-08-08 (2y ago)
No description available
Logo
Batesville Tool & Die, Inc will be leaked in 3 Days
Ragnarlocker
Discovered: 2023-07-31 (2y ago)
No description available
Logo
Belize Electricity Limited - Leaked BZ
Ragnarlocker
Discovered: 2023-07-10 (2y ago)
No description available
Logo
Portugal Scotturb Data Leaked
Ragnarlocker
Discovered: 2023-07-05 (2y ago)
No description available
Logo
Australian Universal Crane Leak
Ragnarlocker
Discovered: 2023-05-28 (2y ago)
No description available
Logo
Autlan Metallorum, Mexican Miner Leak
Ragnarlocker
Discovered: 2023-05-18 (3y ago)
No description available
Logo
CANTALK, Canadian translation services - Leak
Ragnarlocker
Discovered: 2023-04-25 (3y ago)
No description available
Logo
Public Appeal to the CANTALK management
Ragnarlocker
Discovered: 2023-03-29 (3y ago)
No description available
Logo
Temporary Leak Page #0013995NTa
Ragnarlocker
Discovered: 2023-03-29 (3y ago)  ·  Attack est.: 2023-03-10
No description available
Logo
New Leak in lawyers company AASP.
Ragnarlocker
Discovered: 2023-03-03 (3y ago)
No description available
Logo
New Leak in lawyers company.
Ragnarlocker
Discovered: 2023-03-03 (3y ago)
No description available
Logo
AASP claim there was no data leakage!
Ragnarlocker
Discovered: 2023-02-22 (3y ago)
No description available
Logo
Hundred thousands of personal data, leak preview
Ragnarlocker
Discovered: 2022-12-28 (3y ago)
AOAL - Azienda Ospedaliera di Alessandria…
Logo
Wrapex Industrial - Leaked
Ragnarlocker
Discovered: 2022-12-20 (3y ago)
No description available
Logo
Serena Hotels - Leaked
Ragnarlocker
Discovered: 2022-12-20 (3y ago)
No description available
Logo
ITONCLOUD - LEAKED
Ragnarlocker
Discovered: 2022-12-13 (3y ago)
No description available
Logo
Essent company - Leaked
Ragnarlocker
Discovered: 2022-11-25 (3y ago)
No description available
Logo
Leak Announcement - IT company ITonCLOUD
Ragnarlocker
Discovered: 2022-11-22 (3y ago)
No description available
Logo
Belgium company Zwijndrecht - Leaked
Ragnarlocker
Discovered: 2022-11-16 (3y ago)
No description available
Logo
DURAVIT A.G. - Announcement before publishing data
Ragnarlocker
Discovered: 2022-10-27 (3y ago)
No description available
Logo
Dollmar SpA - Leaked
Ragnarlocker
Discovered: 2022-10-19 (3y ago)
No description available
Logo
DIPF-INTERN - Leaked
Ragnarlocker
Discovered: 2022-10-18 (3y ago)
No description available
Logo
Fashion company ZIGI NY - Leaked
Ragnarlocker
Discovered: 2022-10-13 (3y ago)
No description available
Logo
DMCI Holding Leaked
Ragnarlocker
Discovered: 2022-10-10 (3y ago)
No description available
Logo
TANG CAPITAL LEAKED
Ragnarlocker
Discovered: 2022-10-10 (3y ago)
No description available
Logo
Avalon luxury transport company - Leaked
Ragnarlocker
Discovered: 2022-10-05 (3y ago)
No description available
Logo
AudioQuest Data Leaked
Ragnarlocker
Discovered: 2022-10-03 (3y ago)
No description available
Logo
Malayan Flour Mills Bhd. Data Leak
Ragnarlocker
Discovered: 2022-10-03 (3y ago)
No description available
Logo
Who is the real Bad Guys here? Or what recovery experts prefer to keep silent.
Ragnarlocker
Discovered: 2022-09-19 (3y ago)
No description available
Logo
TAP Air Leak of more than 1.5 million of customers and many other.
Ragnarlocker
Discovered: 2022-09-19 (3y ago)
No description available
Logo
TAP AIR PORTUGAL - 115k personal data leak
Ragnarlocker
Discovered: 2022-09-12 (3y ago)
No description available
Logo
DDoS instead of the Discuss - Nice try TAP Air
Ragnarlocker
Discovered: 2022-09-07 (3y ago)
No description available
Logo
TAP Air - First Facts
Ragnarlocker
Discovered: 2022-09-02 (3y ago)
No description available
Logo
USA Insurance company - Smith brothers File tree and some proofs
Ragnarlocker
Discovered: 2022-08-31 (3y ago)
No description available
Logo
Huge drama for Tap Air Portugal
Ragnarlocker
Discovered: 2022-08-31 (3y ago)
No description available
Logo
Announcement. Action Lab File-tree
Ragnarlocker
Discovered: 2022-08-23 (3y ago)
No description available
Logo
DESFA - Pipeline company LEAK
Ragnarlocker
Discovered: 2022-08-23 (3y ago)
No description available
Logo
Greece pipeline company breached - DESFA
Ragnarlocker
Discovered: 2022-08-19 (3y ago)
No description available
Logo
File-tree of Tang Capital
Ragnarlocker
Discovered: 2022-08-18 (3y ago)
No description available
Logo
Puma Biotechnology - decided to allow Leaks
Ragnarlocker
Discovered: 2022-08-02 (3y ago)
No description available
Logo
GENSCO Inc. - allows Leak
Ragnarlocker
Discovered: 2022-07-19 (3y ago)
No description available
Logo
Epec.PL - Lied about the absence of Leak
Ragnarlocker
Discovered: 2022-07-13 (3y ago)
No description available
Logo
New Leak: Prudential LTG.
Ragnarlocker
Discovered: 2022-06-24 (3y ago)
No description available
Logo
New Leak: Northern Data Systems
Ragnarlocker
Discovered: 2022-06-23 (3y ago)
No description available
Logo
Sierra Packaging Leaked
Ragnarlocker
Discovered: 2022-06-04 (3y ago)
No description available
Logo
Jonathan Adler Leaks
Ragnarlocker
Discovered: 2022-06-01 (3y ago)
No description available
Logo
Germany Corporation "VMT-GmbH" Leaked
Ragnarlocker
Discovered: 2022-05-23 (3y ago)
No description available
Logo
Simonson-Lumber decided to be Leaked
Ragnarlocker
Discovered: 2022-05-11 (4y ago)
No description available
Logo
Simonson-Lumber Inc. First batch of Data.
Ragnarlocker
Discovered: 2022-04-20 (4y ago)
No description available
Logo
International Centre Leaked
Ragnarlocker
Discovered: 2022-04-06 (4y ago)
No description available
Logo
Smith Transport Full Leak
Ragnarlocker
Discovered: 2022-03-14 (4y ago)
No description available
Logo
GHI Hornos Industriales Fully Leaked
Ragnarlocker
Discovered: 2022-03-04 (4y ago)
No description available
Logo
GHI Hornos Industriales first batch of Data (0,1%)
Ragnarlocker
Discovered: 2022-02-28 (4y ago)
No description available
Logo
Airspan Networks got Leaked
Ragnarlocker
Discovered: 2022-01-25 (4y ago)
No description available
Logo
IT-companies Subex & Sectrio Leaked
Ragnarlocker
Discovered: 2022-01-08 (4y ago)
No description available
Logo
Company Group LDLC FR
Ragnarlocker
Discovered: 2021-12-15 (4y ago)
No description available
Logo
Leak of IT company Saksoft
Ragnarlocker
Discovered: 2021-12-10 (4y ago)
No description available
Logo
Full Data Leak Linical
Ragnarlocker
Discovered: 2021-12-09 (4y ago)
No description available
Logo
Update: Linicals Data
Ragnarlocker
Discovered: 2021-12-04 (4y ago)
No description available
Logo
Groupe LDLC is going to be Leaked FR
Ragnarlocker
Discovered: 2021-12-02 (4y ago)
No description available
Logo
Team Computers Ltd. - Leak
Ragnarlocker
Discovered: 2021-11-23 (4y ago)
No description available
Logo
LINICAL doesn't care about digital hygiene
Ragnarlocker
Discovered: 2021-10-30 (4y ago)
No description available
Logo
Atlas Financial Holdings, Inc. - Leaked
Ragnarlocker
Discovered: 2021-10-06 (4y ago)
No description available
Logo
FULL DATA LEAK of Primary Residential Mortgage, Inc. //
Ragnarlocker
Discovered: 2021-09-14 (4y ago)
No description available
Logo
Primary Residential Mortgage inc. - Leaked
Ragnarlocker
Discovered: 2021-09-11 (4y ago)
No description available
Logo
Who is the real Bad Guys here? Or what recovery experts prefer to keep silent.
Ragnarlocker
Discovered: 2021-09-09 (4y ago)
No description available
Logo
Announcement: FTP
Ragnarlocker
Discovered: 2021-07-01 (4y ago)
No description available
Logo
GATEWAY Property Management
Ragnarlocker
Discovered: 2021-06-23 (4y ago)
No description available
Logo
Software company Xoriant
Ragnarlocker
Discovered: 2021-06-06 (4y ago)
No description available
Logo
New Leak GatewayPM
Ragnarlocker
Discovered: 2021-06-05 (4y ago)
No description available
Logo
NEW Links for ADATA
Ragnarlocker
Discovered: 2021-05-26 (4y ago)
No description available
Logo
ADATA LEAKED
Ragnarlocker
Discovered: 2021-05-25 (4y ago)
No description available
Logo
ADATA
Ragnarlocker
Discovered: 2021-05-01 (5y ago)
No description available
Logo
Webhelp's company - XtraSource
Ragnarlocker
Discovered: 2021-02-08 (5y ago)
No description available
Logo
Ludwig Pfeiffer Leaked
Ragnarlocker
Discovered: 2021-01-26 (5y ago)
No description available
Logo
Grupo SADA Leak
Ragnarlocker
Discovered: 2020-12-24 (5y ago)
No description available
Logo
New Data Leak post from Chemical company
Ragnarlocker
Discovered: 2020-12-23 (5y ago)
No description available
Logo
Kaye/Bassman International - New "Wall of Shamer"
Ragnarlocker
Discovered: 2020-12-18 (5y ago)
No description available
Logo
Cornerstone-BB Group Leaked
Ragnarlocker
Discovered: 2020-12-14 (5y ago)
No description available
Logo
Attention, Dassault Falcon Jet updated
Ragnarlocker
Discovered: 2020-12-13 (5y ago)
No description available
Logo
Advertising Material: Forest Construction Leaked
Ragnarlocker
Discovered: 2020-12-12 (5y ago)
No description available
Logo
LEAK Post Campari Group
Ragnarlocker
Discovered: 2020-12-10 (5y ago)
No description available
Logo
Updates with files in EastCoastSeafood Inc.
Ragnarlocker
Discovered: 2020-12-10 (5y ago)
No description available
Logo
New "WallofShamer" - East Coast Seafood Inc.
Ragnarlocker
Discovered: 2020-12-10 (5y ago)
No description available
Logo
Shasun Chemicals & Drugs Ltd. LEAK
Ragnarlocker
Discovered: 2020-12-06 (5y ago)
No description available
Logo
JMA Energy LEAK
Ragnarlocker
Discovered: 2020-12-05 (5y ago)
No description available
Logo
New Files For Leak Campari Post
Ragnarlocker
Discovered: 2020-11-30 (5y ago)
No description available
Logo
Ragnar_Team Announce of Potential "WallofShamer"
Ragnarlocker
Discovered: 2020-11-10 (5y ago)
No description available
Logo
LEAK Post CAPCOM
Ragnarlocker
Discovered: 2020-11-08 (5y ago)
No description available
Logo
LEAK post FINSA
Ragnarlocker
Discovered: 2020-11-08 (5y ago)
No description available
Logo
Campari Group IT
Ragnarlocker
Discovered: 2020-11-01 (5y ago)
No description available
Logo
Official appeal to DASSAULT FALCON JET
Ragnarlocker
Discovered: 2020-11-01 (5y ago)
No description available
Logo
DASSAULT FALCON JET
Ragnarlocker
Discovered: 2020-10-30 (5y ago)
No description available
Logo
Security breach of CAPCOM network
Ragnarlocker
Discovered: 2020-10-20 (5y ago)
No description available
Logo
Security breach of Campari Group network
Ragnarlocker
Discovered: 2020-10-08 (5y ago)
No description available
Logo
CMA CGM (french carrier, container line) FR
Ragnarlocker
Discovered: 2020-09-28 (5y ago)
No description available
Logo
BIOLOGICAL E. Ltd. (BE) LEAK POST
Ragnarlocker
Discovered: 2020-09-27 (5y ago)
No description available
Logo
Insignia Environmental company.
Ragnarlocker
Discovered: 2020-07-13 (5y ago)
No description available
Logo
GST Autoleather Company !
Ragnarlocker
Discovered: 2020-06-22 (5y ago)
No description available
Logo
Bailey&Galyen Attorney at Law
Ragnarlocker
Discovered: 2020-06-22 (5y ago)
No description available
Logo
ST Engineering
Ragnarlocker
Discovered: 2020-06-22 (5y ago)
No description available
Logo
New leaks from SOLTEK PACIFIC
Ragnarlocker
Discovered: 2020-06-22 (5y ago)
No description available
Logo
Astro Industries, Inc. US
Ragnarlocker
Discovered: 2020-06-22 (5y ago)
No description available
Logo
Leaks from company EDP Group
Ragnarlocker
Discovered: 2020-06-19 (5y ago)
No description available
Logo
Leaks from company Omniga GmbH & Co.
Ragnarlocker
Discovered: 2020-06-19 (5y ago)
No description available
Logo
Brunner Announce – Hello World !
Ragnarlocker
Discovered: 2020-06-11 (5y ago)
No description available
Logo
Leakage from company Catania, Mahon & Rider, PLLC
Ragnarlocker
Discovered: 2020-06-11 (5y ago)
No description available
Logo
Leaks Company Birch Communications inc.
Ragnarlocker
Discovered: 2020-06-10 (5y ago)
No description available
Logo
Energias de Portugal (EDP) PT
Ragnarlocker
Discovered: 2020-04-01 (6y ago)
No description available