Ransomware.live 👀

Sites

Title	Available	Last Visit	FQDN	Screenshot
404 Not Found	🔴	2025-01-28 10:00:52.308336	dnpscnbaix6nkwvystl3yxglz7nteicqrou3t75tpcc5532cztc46qyd.onion	N/A
404 Not Found	🔴	2025-01-28 10:01:15.181742	aplebzu47wgazapdqks6vrcv6zcnjppkbxbr6wketf56nf6aq2nmyoyd.onion	N/A
Blog	🔴	2025-01-28 10:01:45.648688	blogxxu75w63ujqarv476otld7cyjkq4yoswzt4ijadkjwvg3vrvd5yd.onion	N/A

External information

Tools used

Discovery	OffSec	LOLBAS	Exfiltration
AdFind	Cobalt Strike	BITSAdmin	PrivatLab
Bloodhound			RClone
			Sendspace

This information is provided by Ransomware-Tool-Matrix

Negotiation chats

Name	# Msg	Initial Ransom	Negotiated Ransom
20201104	63	N/A	N/A
20210709	1	N/A	N/A
20210603	63	$2,500,000	$400,000
20210613	132	$1,000,000	$300,000
20201014	72	$7,500,000	$1,270,000
20210708	28	N/A	N/A
20210622	52	$100,000	$35,000
20210401	78	$170,000	$100,000
20210329	43	N/A	N/A
20210609	58	$300,000	$50,000
20210617	67	N/A	N/A
20210616	31	$500,000	$280,000
20210604	10	N/A	N/A
20210331	23	N/A	N/A
20210413	156	N/A	N/A
20210407	15	N/A	N/A
20210628	39	N/A	N/A
20210320	13	N/A	N/A
20201126	79	N/A	N/A
20210630	42	N/A	N/A

This information is provided by Valéry Marchive & Julien Mousqueton

Sites

External information

Tools used

Negotiation chats

Ransom Note(s)

Activity over time

Worldmap

98 Victims

kusd.edu

Sunknowledge Services Inc

medibank.com.au

Midea Group

Doosan Group

OptiProERP is a leading global provider of industry-specific ERP solutions for manufacture

Ludwig Freytag Group

Unicity International

Stratford University

Asfaltproductienijmegen

CYMZ

www.oil-india.com

Visotec Group www.visotec.com

PTT Exploration and Production - 720GB

ECKERD PERU S.A, INKAFARMA, MIFARMA

Join us on RAMP

Ronmor Holdings

Fimmick CRM Hong Kong (www.fimmick.com)

Fimmick CRM Honk Kong (www.fimmick.com)

Spiezle Architectural Group Inc.

ohiograting.com

Apex America

Allen, Dyer, Doppelt, & Gilchrist, P.A.

Betenbough Homes

CEC Vibration Products

ENPOL LLC

Iaffaldano, Shaw & Young LLP

angstrom automotive group

Agile Property Holdings

Möbelstadt Sommerlad

Gosiger

neroindustry.com

kuk.de / KREBS + KIEFER / 500GB

KASEYA ATTACK INFO

Daylesford - BHoldings - Bamford - The Wild Rabbit

Hx5, LLC

inocean.no / 2000 GB

Primo Water

lstaff.com / atworksprofessional / atworks.com

South Carolina Legal Services breach

ensingerplastics.com

Kaseya clients

University Medical Center

Fujifilm

JBS (meat processor)

Sol Oriens

Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul

Apple MacBook via supplier Quanta Computer

Asteelflash

Pierre Fabre

Pierre Fabre

Acer

Acer

Gyrodata Incorporated

Standley Systems (vendor to Healthcare Sector)

Dairy Farm Group

Transform Hospital Group LTD

Managed[.]com (Web Hosting Provider for Columbus County, NC, Griffin Hospital in CT, Arizona Judicial Branch, and Jackson County, OR, among others)

Beacon Health Solutions

Banco Estado (Public Bank)

Haberdashers’ Monmouth Schools

Ma Labs

Brown-Forman Corp (alcohol manufacturer)

Valley Health Systems

National Western Life (insurance)

Telecom Argentina

Cooke County Sheriff's Office

Actuaries and Associates (retirement specialist)

ADIF (Spanish railway manager)

AAA Ambulance Service

Lion (Beverage giant)

Symbiotic LLC