XingLocker emerged in May 2021 as a ransomware group operating under a franchise-style Ransomware-as-a-Service (RaaS) model. The group is a rebranded version of Mount Locker ransomware, deploying customized MountLocker payloads. Their primary motivation is financial gain through large ransom demands, employing double extortion tactics by threatening to publicly release stolen data if payment is not made. A distinctive characteristic is their operational model, where affiliates rebrand the ransomware before deploying it, rather than simply distributing it under the original parent name, which can make investigations more complex.
MITRE Techniques
T1486, T1059, T1562, T1082, T1018, T1560
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates, Brazil, Germany, Spain, France, Gabon, India, Italy, Cambodia, Saudi Arabia
Target sectors (SOCRadar)
Construction of Buildings; Food Manufacturing; Software Publishers; Hospitals; Enterprises & Holding; Accommodation; Manufacturing; Construction; Electrical Equipment, Appliance, and Component Manufacturing; Public Administration