ranzy
1 incidentes
0 paises
0 sectores
ransomware Ultimo: 2026-06-25
Aliases: ThunderX, Ranzy Locker
Ranzy Locker is a ransomware-as-a-service (RaaS) operation that emerged in late 2020, evolving from its predecessor, ThunderX, which first appeared in August 2020. The rebrand to Ranzy Locker occurred after free decryption tools for ThunderX became available due to weaknesses in its encryption, prompting the group to improve its encryption mechanisms. The primary motivation of Ranzy Locker is financial gain through data encryption and subsequent extortion. A distinctive characteristic of Ranzy Locker is its shared Tor leak site domain with Ako ransomware, suggesting a potential merger or collaboration between the two groups.
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
Paises objetivo (SOCRadar)
Germany
United KingdomPapua New Guinea
United StatesSectores objetivo (SOCRadar)
Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationSoftware PublishersEnterprises & HoldingManufacturingConstructionElectrical Equipment, Appliance, and Component ManufacturingPublic Administration