Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Redalert

RedAlert (also called N13V) is a ransomware group first observed in July 2022 that targets both Windows and Linux VMware ESXi servers, encrypting virtual machine files using the NTRUEncrypt algorithm and accepting only Monero for payment, conducting double-extortion attacks against corporate networks.

Victims
6
 
First Discovered
2022-07-14
victim
Last Discovered
2022-09-22
victim
Inactive Since
3yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
2
hit
View Victims on World Map View Group Statistics
Known Locations (2)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Board of shame No 2026-04-28T07:26:08 blog2hkbm6gogpv2b3uytzi3bj5d5zmc4asbybumjkhuqhas355janyd.onion
favicon Login No 2026-04-28T07:28:40 je2yizds7r4uidk6uixfxwjj5w7or2agit4aj66l4lrhdbrvr3lsymid.onion
Target
Top 5 Activity Sectors
  • Business Services 2
  • Technology 1
Top 5 Countries
  • GB flag United Kingdom 1
  • FR flag France 1
Heatmap
Ransom Notes (1)
YARA Rules (1)
Victims (6)
Logo
www.bbadmin.com
Redalert
Discovered: 2022-09-22 (3y ago)
No description available
Logo
groupg4.com
Redalert
Discovered: 2022-09-13 (3y ago)
No description available
Logo
coarc.org
Redalert
Discovered: 2022-07-28 (3y ago)
No description available
Logo
keystonelegal.co.uk GB
Redalert
Discovered: 2022-07-20 (3y ago)
No description available
Logo
vahanen.com
Redalert
Discovered: 2022-07-15 (3y ago)
No description available
Logo
syredis.fr FR
Redalert
Discovered: 2022-07-14 (3y ago)
No description available