Ransomware Group: Ragnarok






According to Bleeping Computer, the ransomware is used in targeted attacks against unpatched Citrix servers. It excludes Russian and Chinese targets using the system's Language ID for filtering. It also tries to disable Windows Defender and has a number of UNIX filepath references in its strings. Files are encrypted with AES using a dynamically generated key, and that key is then bundled up via RSA.


Sites

| Title | Available | Last Visit | FQDN | Screenshot |
|---|---|---|---|---|
| None | 🔴 | 2021-05-01 00:00:00.000000 | wobpitin77vdsdiswr43duntv6eqw4rvphedutpaxycjdie6gg3binad.onion | N/A |
| Decrypt Site | 🔴 | 2021-08-27 00:03:27.017295 | sushlnty2j7qdzy64qnvyb6ajkwg7resd3p6agc2widnawodtcedgjid.onion | N/A |


3 Victims

FNBNWFL Data leaked
Discovery Date: 2021-12-30 10:10

Decrypt
Discovery Date: 2021-09-09 23:46

Boggi Milano
Discovery Date: 2021-03-31 00:00