Insane
Aliases
Going Insane
Inane Right
Description
Insane, or Going Insane, randomly appeared in January 2024 with one victim from Thailand. As fast as they appeared on the scene, they disappeared. The only information about this "group" was posted on their data leak site. They claim to use AES encryption for their ransomware and claim to have information-stealing-capable malware. Researchers from Clipeus Intelligence claim that the creator could be a Russian national. You can observe that hypothesis in the references below.
Ransomware Type
Crypto-Ransomware
Data Broker
First Seen
Last Seen
Extortion Links
Moyen
Lien
TOR
http://gfksiwpsqudibondm6o2ipxymaonehq3l26qpgqr3nh4jvcyayvogcid.onion/
TOR
http://nv5lbsrr4rxmewzmpe25nnalowe4ga7ki6yfvit3wlpu7dfc36pyh4ad.onion/
TOR
http://nv5lbsrr4rxmewzmpe25nnalowe4ga7ki6yfvit3wlpu7dfc36pyh4ad.onion/Insane.html
TOR
http://r2ad4ayrgpf7og673lhrw5oqyvqg4em2fpialk7l7gxkasvqkqow4qad.onion/
Extortion Types
Direct Extortion
Double Extortion
Communication
Moyen
Identifiant
BreachForums
https://breachforums.is/User-InsaneRansomware
Email
insane@cock.lu
Telegram
https://t.me/Insane_ransomware
Telegram
https://t.me/InsaneRansomware
Encryption
Type
Asymmetric
Files
AES
Known Victims
| Industry Sector | Pays | Extortion Date | Amount (USD) |
|---|---|---|---|
| Healthcare & Medicine | Thailand |
References & Publications
Clipeus Intelligence: "Going Insane" Ransomware: An Analysis of Their Website