Added: 2026-01-28
·
Last victim: N/A
The group appears unreliable. Most, if not all, of its alleged victims cannot be verified and appear to be randomly sele
Offline
Added: N/A
·
Last victim: 2024-01-25
No description available.
Online
Added: N/A
·
Last victim: 2025-02-01
The 8base Ransomware group made its first appearance in early March 2022, remaining somewhat quiet after the attacks. Th
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2026-02-26
No description available.
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2026-03-03
·
Last victim: 2026-03-17
No description available.
Online
Added: N/A
·
Last victim: 2026-04-01
The Akira ransomware group is said to have emerged in March 2023, and there's much speculation about its ties to the for
Online
Added: N/A
·
Last victim: N/A
A Windows ransomware that will run certain tasks to prepare the target system for the encryption of files. MedusaLocker
Offline
Added: 2026-03-21
·
Last victim: N/A
⚠️ The group appears unreliable. Most, if not all, of its alleged victims cannot be verified. WE HAVE DECIDED TO REMOVE
|
0 victims
Online
Added: N/A
·
Last victim: 2026-02-28
No description available.
Online
Added: N/A
·
Last victim: 2024-03-03
The operators of the ALPHV/BlackCat ransomware began their activity in December 2021, making posts on Dark Web forums to
Offline
Added: 2025-02-25
·
Last victim: 2026-04-01
No description available.
Online
Added: N/A
·
Last victim: 2025-06-24
No description available.
Offline
Added: N/A
·
Last victim: 2025-02-25
A new ransomware group is said to have emerged in mid-April 2024, under the name 'APT73.' It's worth noting that the gro
Offline
Added: N/A
·
Last victim: 2025-09-16
No description available.
Offline
Added: N/A
·
Last victim: 2024-12-16
No description available.
Offline
Added: 2025-03-25
·
Last victim: 2025-06-06
No description available.
Offline
Added: N/A
·
Last victim: 2023-10-15
No description available.
Offline
Added: N/A
·
Last victim: 2026-02-24
No description available.
Offline
Added: N/A
·
Last victim: 2021-09-09
Avaddon is a ransomware malware targeting Windows systems often spread via malicious spam. The first known attack where
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2023-02-11
No description available.
Offline
Added: 2026-01-06
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2021-07-27
Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most us
Offline
Added: 2025-01-27
·
Last victim: 2025-04-06
Babuk Locker 2.0, also known as Bjorka or SkyWave, after failing to make any profit from selling public databases on for
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2025-07-29
·
Last victim: 2026-03-31
Beast is a Ransomware-as-a-service (RaaS) product which provides functionality such as SMB scanning, file encryption, se
Online
Added: 2025-11-26
·
Last victim: 2026-01-30
No description available.
Online
Added: 2025-04-06
·
Last victim: 2025-06-10
No description available.
Offline
Added: N/A
·
Last victim: 2025-03-31
BianLian ransomware operations began in late 2021. The group practices multi-pronged extortion, demanding payment for a
Offline
Added: N/A
·
Last victim: 2025-01-11
"Black Basta" is a new ransomware strain discovered during April 2022 - looks in dev since at least early February 2022
Offline
Added: N/A
·
Last victim: 2025-07-30
Ransomware. Uses dropper written in JavaScript to deploy a .NET payload.
Offline
Added: 2025-05-16
·
Last victim: 2025-07-02
BlackLock is a rebranded version of another ransomware group known as Eldorado. It has since become one of the most acti
Offline
Added: N/A
·
Last victim: 2021-11-04
Ransomware-as-a-Service
Offline
Added: 2025-08-06
·
Last victim: 2025-12-22
No description available.
Offline
Added: N/A
·
Last victim: 2024-12-10
No description available.
Online
Added: N/A
·
Last victim: 2021-12-18
No description available.
Offline
Added: 2025-09-17
·
Last victim: 2026-01-16
No description available.
Online
Added: N/A
·
Last victim: 2025-05-29
According to Trend Micro, this ransomware has significant code overlap with Royal Ransomware.
Online
Added: N/A
·
Last victim: 2021-12-30
No description available.
Offline
Added: N/A
·
Last victim: 2024-12-17
No description available.
Offline
Added: 2025-08-19
·
Last victim: N/A
Blue Locker targets Pakistan’s vital energy sector, particularly Pakistan Petroleum
Online
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2021-12-06
No description available.
Offline
Added: 2025-07-31
·
Last victim: 2025-10-11
No description available.
Offline
Added: 2024-07-01
·
Last victim: 2025-10-29
Brain Cipher emerged in July 2024. Both Windows and Linux variants are available. Brain Cipher using the leaked build of
Offline
Added: 2026-02-11
·
Last victim: 2026-03-11
No description available.
Online
Added: 2025-11-15
·
Last victim: 2026-01-06
No description available.
Offline
Added: N/A
·
Last victim: 2025-03-17
The CACTUS ransomware is said to have emerged around March 2023. The group became known for exploiting vulnerabilities t
Online
Added: 2025-08-26
·
Last victim: 2025-08-29
No description available.
Offline
Added: 2025-03-31
·
Last victim: 2026-03-27
No description available.
Online
Added: N/A
·
Last victim: 2022-09-14
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2024-11-22
No description available.
Offline
Added: N/A
·
Last victim: 2025-09-04
No description available.
Offline
Added: N/A
·
Last victim: 2026-02-10
No description available.
Offline
Added: 2026-02-23
·
Last victim: 2026-02-23
No description available.
Offline
Added: N/A
·
Last victim: 2026-02-24
No description available.
Offline
Added: N/A
·
Last victim: 2026-03-30
The ransomware group known as Cl0p is a variant of a previously known strain dubbed CryptoMix. It is worth noting that t
Online
Added: 2025-09-15
·
Last victim: 2026-03-30
CoinbaseCartel specializes in data acquisition through system access and strategic partnerships. It focus exclusively on
Online
Added: N/A
·
Last victim: N/A
RAAS - Ransomware intégré à un fichier PDF, à faire ouvrir à vos victimes ou à insérer vous-même, Windows et Mac, ne fon
|
0 victims
Online
Added: N/A
·
Last victim: 2022-06-07
Conti is an extremely damaging ransomware due to the speed with which it encrypts data and spreads to other systems. It
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2025-03-09
·
Last victim: 2025-03-30
No description available.
Offline
Added: N/A
·
Last victim: 2023-04-17
No description available.
Offline
Added: 2026-01-19
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2021-12-18
No description available.
Online
Added: N/A
·
Last victim: 2023-08-16
No description available.
Offline
Added: N/A
·
Last victim: 2023-04-19
According to OALabs, this ransomware has the following features: * Files are encrypted with AES CBC using a generated 2
Offline
Added: 2025-04-08
·
Last victim: 2026-03-27
No description available.
Online
Added: N/A
·
Last victim: 2024-02-01
The Cuba Ransomware, also known as Colddraw Ransomware, was first identified in the threat landscape in 2019 and built a
Offline
Added: N/A
·
Last victim: 2023-07-26
No description available.
Offline
Added: 2025-07-07
·
Last victim: 2025-08-16
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2025-09-11
No description available.
Online
Added: N/A
·
Last victim: 2024-08-23
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2022-05-25
No description available.
Offline
Added: N/A
·
Last victim: 2023-03-11
No description available.
Offline
Added: N/A
·
Last victim: 2023-06-09
No description available.
Offline
Added: N/A
·
Last victim: 2021-05-13
Darkside ransomware group has started its operation in August of 2020 with the model of RaaS (Ransomware-as-a-Service).
Offline
Added: N/A
·
Last victim: 2025-01-06
No description available.
Online
Added: 2025-05-26
·
Last victim: 2025-12-06
No description available.
Online
Added: 2026-01-14
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2022-12-02
No description available.
Offline
Added: 2025-08-30
·
Last victim: 2025-08-31
No description available.
Offline
Added: 2025-04-06
·
Last victim: 2026-02-03
Former RansomHub and INC Ransom affiliate.
Offline
Added: N/A
·
Last victim: N/A
A ransomware with potential ties to Wizard Spider.
Offline
Added: 2025-05-22
·
Last victim: 2026-01-13
No description available.
Online
Added: N/A
·
Last victim: 2024-08-11
This is not a ransomware group but a data broker
Offline
Added: N/A
·
Last victim: 2024-02-27
No description available.
Offline
Added: N/A
·
Last victim: 2024-07-24
No description available.
Offline
Added: N/A
·
Last victim: 2021-04-10
Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore origin
Offline
Added: N/A
·
Last victim: 2026-04-01
No description available.
Online
Added: N/A
·
Last victim: 2024-12-16
Dragon Ransomware, is promising rapid and customizable ransomware operations for Windows systems. Key features include a
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: N/A
·
Last victim: 2025-07-01
No description available.
Offline
Added: N/A
·
Last victim: N/A
The QNAPCrypt ransomware works similarly to other ransomware, including encrypting all files and delivering a ransom not
Offline
Added: N/A
·
Last victim: 2025-01-24
In September The El Dorado ransomware group have been rebrand as BlackLock
Offline
Added: N/A
·
Last victim: 2026-03-31
No description available.
Online
Added: N/A
·
Last victim: N/A
Entropy is a ransomware first seen in 1st quarter of 2022, is being used in conjunction of Dridex infection. The ransomw
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2026-04-01
Everest ransom group collects and analyzes information about their victims. They specialize in customer privacy data, fi
Offline
Added: 2026-03-17
·
Last victim: 2026-03-29
No description available.
Online
Added: N/A
·
Last victim: N/A
According to PCrisk, Exorcist is a ransomware-type malicious program. Systems infected with this malware experience data
|
0 victims
Offline
Added: 2026-01-03
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2025-07-31
No description available.
Offline
Added: N/A
·
Last victim: 2025-03-20
Fog, which uses the .flocked extension for encrypted files, was first observed in May in campaigns by Storm-0844, a thre
Offline
Added: 2025-03-24
·
Last victim: 2025-06-12
No description available.
Offline
Added: N/A
·
Last victim: 2022-12-31
No description available.
Offline
Added: N/A
·
Last victim: N/A
New possible leak site posted to a forum on November 20th, 2022, no victims at present. Unclear if its for a ransomware
|
0 victims
Offline
Added: N/A
·
Last victim: 2025-03-18
No description available.
Online
Added: 2025-01-24
·
Last victim: 2025-01-26
Our team members are from different countries and we are not interested in anything else, we are only interested in doll
Offline
Added: 2025-10-21
·
Last victim: 2026-03-31
No description available.
Online
Added: 2025-06-04
·
Last victim: 2025-08-20
No description available.
Offline
Added: N/A
·
Last victim: 2021-06-30
Doppelpaymer is a ransomware family that encrypts user data and later on it asks for a ransom in order to restore origin
Offline
Added: N/A
·
Last victim: 2021-10-30
No description available.
Offline
Added: 2025-04-23
·
Last victim: 2025-12-29
No description available.
Offline
Added: N/A
·
Last victim: 2020-12-15
According to PCrisk, Hades Locker is an updated version of WildFire Locker ransomware that infiltrates systems and encry
Offline
Added: N/A
·
Last victim: 2026-03-31
Not a Ransomware Group
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2025-04-07
No description available.
Offline
Added: N/A
·
Last victim: 2024-11-06
No description available.
Offline
Added: N/A
·
Last victim: 2024-04-19
No description available.
Offline
Added: N/A
·
Last victim: N/A
Unit42 states that HelloKitty is a ransomware family that first surfaced at the end of 2020, primarily targeting Windows
Offline
Added: N/A
·
Last victim: 2023-01-16
Hive is a strain of ransomware that was first discovered in June 2021. Hive was designed to be used by Ransomware-as-a-s
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2025-05-27
In mid-October 2023, just a few days before the Europol operation, the source code of the Ransomware Hive was sold, alon
Online
Added: N/A
·
Last victim: 2022-08-20
No description available.
Offline
Added: 2025-05-05
·
Last victim: 2025-09-16
No description available.
Offline
Added: N/A
·
Last victim: 2026-04-01
No description available.
Online
Added: N/A
·
Last victim: 2024-01-17
No description available.
Offline
Added: 2026-02-07
·
Last victim: 2026-03-07
No description available.
Online
Added: N/A
·
Last victim: 2026-03-26
No description available.
Online
Added: 2025-05-02
·
Last victim: 2025-11-01
No description available.
Offline
Added: N/A
·
Last victim: 2026-03-21
No description available.
Online
Added: N/A
·
Last victim: 2023-09-22
No description available.
Online
Added: N/A
·
Last victim: 2021-10-04
No description available.
Offline
Added: 2025-06-27
·
Last victim: 2025-07-28
No description available.
Offline
Added: 2025-11-11
·
Last victim: 2026-01-26
No description available.
Online
Added: N/A
·
Last victim: 2022-05-24
No description available.
Online
Added: N/A
·
Last victim: 2026-03-17
No description available.
Online
Added: 2026-02-19
·
Last victim: 2026-02-25
No description available.
Offline
Added: N/A
·
Last victim: 2024-02-12
[Cyclops](group/cyclops) rebrand
Offline
Added: 2025-02-09
·
Last victim: 2025-11-13
No description available.
Offline
Added: 2025-10-08
·
Last victim: 2025-11-06
No description available.
Offline
Added: 2025-10-08
·
Last victim: N/A
No description available.
Online
Added: N/A
·
Last victim: 2022-06-25
ℹ️ La Piovra Ransomware is an exercise of the company Offensive Security (also known as OffSec)
Offline
Added: 2026-03-01
·
Last victim: 2026-03-01
No description available.
Offline
Added: N/A
·
Last victim: 2022-03-29
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: 2025-02-19
·
Last victim: 2025-01-29
No description available.
Offline
Added: N/A
·
Last victim: 2021-08-23
No description available.
Offline
Added: N/A
·
Last victim: 2022-06-28
No description available.
Offline
Added: N/A
·
Last victim: 2025-12-05
LockBit, also recognized as LockBit Black or Lockbit 3.0, is one of the largest Ransomware Groups in the world and has o
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: 2025-12-04
·
Last victim: 2026-03-21
No description available.
Online
Added: N/A
·
Last victim: 2021-09-09
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2023-12-01
Tesorion describes Lorenz as a ransomware with design and implementation flaws, leading to impossible decryption with to
Offline
Added: N/A
·
Last victim: 2023-09-26
No description available.
Offline
Added: 2025-09-02
·
Last victim: 2025-09-13
No description available.
Offline
Added: N/A
·
Last victim: 2022-11-27
LV ransomware group main message: "Here are companies which didn't meet consumer data protection obligations. They rejec
Offline
Added: N/A
·
Last victim: 2026-03-17
No description available.
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2024-10-01
No description available.
Offline
Added: N/A
·
Last victim: 2023-04-09
No description available.
Online
Added: N/A
·
Last victim: 2024-04-05
No description available.
Offline
Added: N/A
·
Last victim: 2024-07-14
This ransomware uses a combination of different crypto algorithms (ChaCha20, AES-128, Curve25519). The activity of this
Offline
Added: 2025-03-12
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2022-02-14
No description available.
Offline
Added: N/A
·
Last victim: 2020-09-11
Maze ransomware group is one of the most known ransomware gangs, they targeted organizations worldwide across many indus
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2026-02-13
No description available.
Online
Added: N/A
·
Last victim: 2025-11-17
Medusa is a DDoS bot written in .NET 2.0. In its current incarnation its C&C protocol is based on HTTP, while its predec
Offline
Added: N/A
·
Last victim: 2024-11-19
No description available.
Offline
Added: N/A
·
Last victim: 2025-06-24
No description available.
Offline
Added: N/A
·
Last victim: 2022-04-14
This malware written in C# is a variant of the Thanos ransomware family and emerged in October 2021 and is obfuscated us
Offline
Added: N/A
·
Last victim: 2022-05-05
Ransomware, potential rebranding of win.sfile.
Offline
Added: 2025-12-12
·
Last victim: 2025-12-12
No description available.
Offline
Added: N/A
·
Last victim: 2024-03-01
No description available.
Offline
Added: N/A
·
Last victim: 2026-01-28
No description available.
Offline
Added: N/A
·
Last victim: 2025-05-07
No description available.
Offline
Added: 2025-01-07
·
Last victim: 2026-03-30
No description available.
Offline
Added: N/A
·
Last victim: 2021-12-18
Cybereason Nocturnus describes Moses Staff as an Iranian hacker group, first spotted in October 2021. Their motivation a
Offline
Added: N/A
·
Last victim: 2022-02-08
No description available.
Offline
Added: 2025-12-18
·
Last victim: 2026-01-15
No description available.
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
N3tw0rm ransomware group is linked to Iran by many security researchers especially for the fact that the group targeting
|
0 victims
Offline
Added: 2025-10-11
·
Last victim: 2025-10-05
No description available.
Offline
Added: N/A
·
Last victim: 2021-09-09
According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is remov
Offline
Added: N/A
·
Last victim: N/A
Nemty is a ransomware that was discovered in September 2019. Fortinet states that they found it being distributed throug
Offline
Added: N/A
·
Last victim: 2020-12-12
NetWalker ransomware group operates by the threat actor known as "CIRCUS SPIDER". The NetWalker ransomware was discovere
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2022-01-04
No description available.
Offline
Added: 2025-03-12
·
Last victim: 2026-04-01
No description available.
Online
Added: N/A
·
Last victim: 2026-03-19
No description available.
Offline
Added: N/A
·
Last victim: 2023-11-26
No description available.
Offline
Added: N/A
·
Last victim: 2023-08-04
No description available.
Offline
Added: N/A
·
Last victim: 2023-09-12
No description available.
Offline
Added: 2025-04-28
·
Last victim: 2026-03-29
Nova (formerly RALord) is a ransomware-as-a-service (RaaS) group that encrypts victims’files and uses double-extortion t
Online
Added: 2025-09-05
·
Last victim: 2026-01-11
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2022-11-21
No description available.
Offline
Added: N/A
·
Last victim: 2025-05-07
No description available.
Offline
Added: 2026-01-14
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: 2025-12-18
·
Last victim: 2026-01-18
No description available.
Online
Added: N/A
·
Last victim: 2022-03-30
Pandora ransomware was obtained by vx-underground at 2022-03-14.
Offline
Added: N/A
·
Last victim: 2021-09-09
Pay2Key is ransomware that has been used by the threat actor Fox Kitten. The group seems to operate since July 2020, tar
Offline
Added: 2026-02-17
·
Last victim: 2026-04-01
No description available.
Online
Added: N/A
·
Last victim: 2022-01-06
No description available.
Offline
Added: 2025-07-07
·
Last victim: 2026-01-14
No description available.
Online
Added: 2025-08-05
·
Last victim: 2026-03-26
Pure Extraction And Ransom (PEAR) Team is the community of highly responsible and strictly disciplined members. We are a
Online
Added: N/A
·
Last victim: 2026-03-30
Initially observed in June 2022, the Play ransomware (a.k.a PlayCrypt) operates through double extortion, targeting nume
Online
Added: N/A
·
Last victim: 2024-10-28
No description available.
Offline
Added: N/A
·
Last victim: 2022-12-18
No description available.
Offline
Added: N/A
·
Last victim: 2020-04-25
PwndLocker is a ransomware that was observed in late 2019 and is reported to have been used to target businesses and loc
Offline
Added: N/A
·
Last victim: N/A
Ransomware written in .NET, apparently derived from the codebase of win.hakbit (Thanos) ransomware.
Offline
Added: 2025-08-26
·
Last victim: N/A
First known AI-powered ransomware. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama
|
0 victims
Online
Added: N/A
·
Last victim: 2022-09-20
Mespinosa is a ransomware which encrypts file using an asymmetric encryption and adds .pysa as file extension. According
Offline
Added: N/A
·
Last victim: 2026-04-01
Qilin ransomware was first observed in July of 2022. Qilin Ransomware is written in Golang and supports multiple encrypt
Online
Added: N/A
·
Last victim: 2024-06-24
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2022-12-09
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2025-09-10
·
Last victim: 2025-12-01
No description available.
Online
Added: 2025-10-12
·
Last victim: 2025-10-29
No description available.
Offline
Added: N/A
·
Last victim: 2023-10-11
No description available.
Online
Added: N/A
·
Last victim: 2021-12-30
According to Bleeping Computer, the ransomware is used in targeted attacks against unpatched Citrix servers. It excludes
Offline
Added: 2025-03-26
·
Last victim: 2025-04-27
No description available.
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2023-09-03
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2025-05-13
·
Last victim: N/A
Launched on April 24th, 2025 RansomBay is a new project operating under the DragonForce initiative
|
0 victims
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2024-07-12
No description available.
Offline
Added: N/A
·
Last victim: 2023-10-30
No description available.
Offline
Added: N/A
·
Last victim: 2025-03-07
RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Def
Online
Added: N/A
·
Last victim: 2026-02-28
No description available.
Online
Added: N/A
·
Last victim: 2025-03-31
The group emerged in mid-February 2024 and has already listed several organizations as alleged victims of their attacks,
Offline
Added: N/A
·
Last victim: 2023-12-21
No description available.
Offline
Added: N/A
·
Last victim: N/A
Ranzy Locker, Former known as ThunderX. The group hosting a data leak site in the darknet where they posting sensitive i
Offline
Added: N/A
·
Last victim: 2024-12-28
RA Group, also known as RA World, first surfaced in April 2023, utilizing a custom variant of the Babuk ransomware.
Offline
Added: N/A
·
Last victim: 2024-01-07
RANSOMED.VC aka Raznatovic
Offline
Added: 2025-07-08
·
Last victim: 2025-07-09
No description available.
Offline
Added: N/A
·
Last victim: 2022-09-22
No description available.
Offline
Added: N/A
·
Last victim: 2024-06-11
No description available.
Offline
Added: N/A
·
Last victim: 2022-11-28
Sodinokibi ransomware group also known as REvil (Ransomware Evil) operates as a ransomware-as-a-service (RaaS) model. Af
Offline
Added: 2026-02-11
·
Last victim: 2025-11-13
No description available.
Online
Added: N/A
·
Last victim: 2026-03-02
Rhysida is a ransomware-as-a-service (RAAS) group that emerged in May 2023. The group utilizes a namesake ransomware thr
Online
Added: N/A
·
Last victim: 2021-12-06
No description available.
Online
Added: N/A
·
Last victim: 2022-01-08
According to PCrisk, Rook is ransomware (an updated variant of Babuk) that prevents victims from accessing/opening files
Offline
Added: N/A
·
Last victim: 2023-07-19
According to Trendmicro, Royal ransomware was first observed in September 2022, and the threat actors behind it are beli
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2025-02-27
·
Last victim: 2025-07-10
No description available.
Offline
Added: N/A
·
Last victim: 2022-02-28
No description available.
Offline
Added: N/A
·
Last victim: 2026-03-17
No description available.
Online
Added: N/A
·
Last victim: 2026-03-30
No description available.
Online
Added: 2025-07-04
·
Last victim: 2025-07-07
No description available.
Online
Added: 2025-03-14
·
Last victim: 2025-03-14
Encrypted Extension: .vanhelsing, .vanlocker. Targets Windows Platform only
Online
Added: 2025-07-22
·
Last victim: 2026-02-24
No description available.
Online
Added: N/A
·
Last victim: 2024-06-04
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: 2026-02-25
·
Last victim: 2026-02-17
No description available.
Offline
Added: N/A
·
Last victim: 2022-11-01
No description available.
Offline
Added: 2025-10-03
·
Last victim: 2026-03-31
No description available.
Online
Added: 2025-11-15
·
Last victim: N/A
Likely associated with the cybercrime group BlingLibra (ShinyHunters)
Offline
Added: 2025-12-30
·
Last victim: 2026-01-05
No description available.
Offline
Added: N/A
·
Last victim: 2023-12-09
Not a ransomware group but a hacktivist group that appeared coincidentally days before Russia’s invasion of Ukraine
Offline
Added: 2025-04-23
·
Last victim: 2025-05-04
Unlike many other groups, Silent claims to operate with a high level of anonymity and discretion. According to their own
Offline
Added: 2025-05-06
·
Last victim: 2026-04-01
a former Conti team
Online
Added: 2025-07-05
·
Last victim: 2026-03-17
No description available.
Online
Added: 2025-03-06
·
Last victim: 2025-11-18
No description available.
Offline
Added: N/A
·
Last victim: 2024-01-15
No description available.
Offline
Added: N/A
·
Last victim: 2024-05-15
Snatch is a ransomware which infects victims by rebooting the PC into Safe Mode. Most of the existing security protectio
Offline
Added: N/A
·
Last victim: N/A
Ransomware, written in .NET.
|
0 victims
Offline
Added: N/A
·
Last victim: 2026-03-10
No description available.
Online
Added: N/A
·
Last victim: 2022-09-22
No description available.
Offline
Added: N/A
·
Last victim: 2021-10-19
No description available.
Offline
Added: N/A
·
Last victim: 2025-12-08
No description available.
Online
Added: N/A
·
Last victim: N/A
Ransomware, written in Delphi.
Offline
Added: N/A
·
Last victim: 2022-06-18
No description available.
Offline
Added: N/A
·
Last victim: 2021-03-21
No description available.
Offline
Added: 2025-06-10
·
Last victim: 2025-08-03
No description available.
Offline
Added: 2025-10-23
·
Last victim: 2026-03-07
No description available.
Offline
Added: N/A
·
Last victim: 2026-03-16
No description available.
Online
Added: 2025-09-09
·
Last victim: 2026-03-23
No description available.
Offline
Added: 2026-01-29
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: N/A
·
Last victim: 2025-05-25
A new Ransomware family identified by the name '3AM' or 'ThreeAM' in September 2023. The ransomware operation was observ
Online
Added: N/A
·
Last victim: 2023-12-27
Pro-Palestinian Group
Online
Added: 2025-11-29
·
Last victim: 2026-03-05
No description available.
Online
Added: N/A
·
Last victim: 2024-03-30
According to PCrisk, Trigona is ransomware that encrypts files and appends the ._locked extension to filenames. Also, it
Offline
Added: N/A
·
Last victim: 2025-03-16
No description available.
Offline
Added: N/A
·
Last victim: 2024-02-19
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: N/A
·
Last victim: 2025-08-15
No description available.
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2024-01-14
A group which seems to recycle leak from other ransomware groups
Offline
Added: N/A
·
Last victim: 2024-09-18
No description available.
Offline
Added: 2025-03-17
·
Last victim: 2025-04-05
No description available.
Offline
Added: N/A
·
Last victim: 2024-07-10
No description available.
Online
Added: 2026-01-06
·
Last victim: 2026-03-02
No description available.
Online
Added: N/A
·
Last victim: 2023-02-27
Ransomware, which appears to be a rebranding of win.cuba.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2023-06-20
Vice Society ransomware appends the .v-society extension when encrypting Linux machines. Running a leak site on the dark
Offline
Added: 2025-06-10
·
Last victim: 2025-06-10
No description available.
Offline
Added: N/A
·
Last victim: 2018-02-23
WannaCry ransomware is a cyber attack that spreads by exploiting vulnerabilities in the Windows operating system. At its
Offline
Added: 2025-06-10
·
Last victim: 2025-11-06
The Warlock ransomware and operator(s) are believed to be attributed to Storm-2603, a China-based threat actor who is al
Online
Added: N/A
·
Last victim: 2024-03-04
No description available.
Online
Added: 2025-03-06
·
Last victim: 2025-08-10
No description available.
Online
Added: 2025-05-16
·
Last victim: 2026-04-01
World Leaks emerged in January 2025 as a rebrand of the Hunters International ransomware operation, shifting its focus f
Online
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: N/A
·
Last victim: 2021-10-26
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
|
0 victims
Offline
Added: 2026-03-17
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: N/A
·
Last victim: 2022-08-10
According to PCrisk, Yanluowang is ransomware that encrypts (and renames) files, ends all running processes, stops servi
Offline
Added: 2025-09-05
·
Last victim: 2025-09-09
No description available.
Offline
Added: N/A
·
Last victim: N/A
No description available.
Offline
Added: 2025-04-28
·
Last victim: N/A
No description available.
|
0 victims
Online
Added: N/A
·
Last victim: 2024-05-05
No description available.
Offline