Onyx is a ransomware group that first appeared in April 2022, operating with the primary motivation of financial profit through file encryption and data exfiltration for ransom. The group is notable for consistently employing double extortion tactics, threatening public release of sensitive victim data if ransom demands are not fulfilled. Onyx has shown an evolving operational posture, moving towards incorporating zero-day vulnerabilities into its campaigns and refining its attack methods to avoid detection.
MITRE Techniques
T1070.004, T1486, T1059.001, T1047, T1566.001
RansomLook pivots
Data, intelligence, and external references for cross-checking the actor's ransomware activity.