RansomHub Ransomware | WatchGuard Technologies

Decryptor Available

No

Description

This entry is under construction. However, we have included some details below.

Ransomware Type

Crypto-Ransomware

Data Broker

RaaS

First Seen

February 2024

Threat Actors

Type

Actor

Individual

koley

Extortion Links

Medium

Link

TOR

http://an2ce4pqpf2ipvba2djurxi5pnxxhu3uo7ackul6eafcundqtly7bhid.onion

TOR

http://fpwwt67hm3mkt6hdavkfyqi42oo3vkaggvjj4kxdr2ivsbzyka5yr2qd.onion

TOR

http://mjmru3yz65o5szsp4rmkmh4adlezcpy5tqjjc4y5z6lozk3nnz2da2ad.onion

TOR

http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion

Extortion Types

Direct Extortion

Double Extortion

Communication

Medium

Identifier

RAMP

koley

Tox

5596A55062A4232F5AA55C2F7C4DF0AC1EAD10B78D4055A3328AD142A42B555E

Encryption

Type

Hybrid

Files

AES256, ChaCha20, XChaCha20

Key

X25519

Known Victims(16)

Industry Sector	Country	Extortion Date
Information Technology	Brazil	2024-02-10
Healthcare & Medicine	Romania	2024-02-24
Utilities	United States	2024-02-26
Media & Marketing	Vietnam	2024-02-29
Information Technology	Brazil	2024-03-01
Retail & Wholesale	Brazil	2024-03-07
Media & Marketing	Indonesia	2024-03-07
Retail & Wholesale	United States	2024-03-08
Government	Slovakia	2024-03-08
Retail & Wholesale	United Kingdom	2024-03-09
Information Technology	Malaysia	2024-03-09
Information Technology	Egypt	2024-03-09
Information Technology	United States	2024-03-11
Information Technology	Canada	2024-03-11
Fashion & Textiles	Malaysia	2024-03-13
Banking & Finance	United Kingdom	2024-03-13

References & Publications

Ransomware - RansomHub