
daixin

1 incident, 1 country, 1 sector; ransomware; RU; Latest: 2026-06-25
Daixin Team is a financially motivated, Russian-speaking ransomware and data extortion group that emerged in June 2022. The group's primary motivation is financial gain, specifically through the exfiltration and encryption of sensitive data, particularly Patient Health Information, which commands high prices on the dark web. They employ a double extortion model, threatening to publicly leak stolen data if ransom demands are not met. What distinguishes Daixin Team is its pronounced focus on targeting the Healthcare and Public Health sector, and its use of ransomware based on the leaked Babuk Locker source code, often targeting VMware vCenter and ESXi servers for maximum impact.
MITRE techniques
T1566 - Phishing, T1036 - Masquerading, T1140 - Deobfuscate/Decode Files or Information

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Affected countries

United States (1)

Target countries (SOCRadar)

United Arab Emirates, Canada, Czech Republic, Germany, United Kingdom, Indonesia, Japan, Malaysia, Netherlands, Russian Federation

Attacked sectors

Healthcare (1)

Target sectors (SOCRadar)

Construction of Buildings, Food Manufacturing, Other Information Services, Software Publishers, Hospitals, Accommodation, Air Transportation, Manufacturing, Public Administration, Beverage & Tobacco Manufacturing

New URLs detected in IntelTracker

ransomware.anggipradana.com