The first mentions of Alpha Locker, or Alpha, appeared in Bleeping Computer's forums in the Summer of 2023. However, in early January, the group appeared more ubiquitously within the cybersecurity community. This group is also known as "mydaya" because of the TOR domain name on which they host their data leak site. Nothing is known about the group besides what is on the data leak site and what is published on the Bleeping Computer forums. However, independent researcher Rakesh Krishnan also posted an article about some of Alpha Locker's operations. We weren't able to find an applicable hash or sample to analyze. Thankfully, within the Bleeping Computer's forums are hashes to the ransom notes on VirusTotal. Below is any other helpful information we could gather about this ransomware without a proper sample. We will post more details below if and when we find a sample.
Known Victims(15)
| Industry Sector | Country | Extortion Date | Amount (USD) |
|---|---|---|---|
| Healthcare & Medicine | United States | ||
| Professional Services | France | ||
| Agriculture | United States | ||
| Professional Services | Australia | ||
| Fashion & Textiles | Canada | ||
| Electronics | Taiwan | ||
| Professional Services | South Africa | ||
| Education | United States | ||
| Oil & Gas | United States | ||
| Manufacturing | United Kingdom | ||
| Construction & Architecture | Italy | ||
| Distribution & Logistics | France | ||
| Banking & Finance | United States | ||
| Manufacturing | Germany | ||
| Professional Services | United Kingdom |