Snatch
(Active)
Decryptor Available
No
Description
This entry is under construction. However, we have included some details below.
Note: This was the first ransomware group to perform a double-extortion attack.
Ransomware Type
Crypto-Ransomware
Data Broker
Country of Origin
Russia
Extortion Links(6)
Medium
Link
Telegram
hxxps://t.me/snatch_info
TOR
http://hl66646wtlp2naoqnhattngigjp5palgqmbwixepcjyq5i534acgqyad.onion
Clearnet
http://snatch.press
Clearnet
http://snatchnews.top
Clearnet
http://snatchteam.top
Clearnet
http://snatchteam.cc
Extortion Types
Direct Extortion
References & Publications
Krebs on Security:
‘Snatch’ Ransom Group Exposes Visitor IP Addresses