{ "total": 10463, "page": 1, "per_page": 50, "items": [ { "slug": "isoplus", "title": "ISOPLUS", "date": "2026-06-25", "tags": [ "qilin", "ransomware" ], "actor": "qilin", "threat_type": "ransomware", "country": "Greece", "sector": "Business Services", "ttps": [], "iocs": [ { "type": "Tipo", "value": "Valor", "context": "Contexto" }, { "type": "Hash", "value": "d4cd0dabcf4caa22ad92fab40844c786", "context": "Verificado a través de fuentes de inteligencia en línea (DuckDuckGo)" }, { "type": "Domain", "value": "duckduckgo.com", "context": "Dominio victima" } ], "summary": "Resumen Un incidente de ransomware ha afectado a la organización ISOPLUS, según informes verificados por inteligencia de amenazas. El grupo atacante identificado es \"qilin\", y el evento ocurrió el 25 de junio de 2026. Aunque no se han divulgado detalles sobre datos expuestos, los indicadores de comp…", "victim_domain": "duckduckgo.com" }, { "slug": "delegal-poindexter-underkofler-p-a", "title": "Delegal Poindexter & Underkofler, P.A.", "date": "2026-06-25", "tags": [ "morpheus", "ransomware" ], "actor": "morpheus", "threat_type": "ransomware", "country": "United States", "sector": "Business Services", "ttps": [], "iocs": [ { "type": "Tipo", "value": "Valor", "context": "Contexto" }, { "type": "Domain", "value": "protectingcareers.com", "context": "OSINT" }, { "type": "Hash", "value": "d4cd0dabcf4caa22ad92fab40844c786", "context": "OSINT" }, { "type": "Domain", "value": "concerns.they", "context": "OSINT" }, { "type": "Domain", "value": "duckduckgo.com", "context": "OSINT" } ], "summary": "Resumen La empresa Delegal Poindexter & Underkofler, P.A., un proveedor de servicios legales especializado en empleo, ha sido afectada por un ataque de ransomware atribuido al grupo Morpheus. El incidente ocurrió el 25 de junio de 2026 y involucró la exposición de datos sensibles, según informacione…", "victim_domain": "protectingcareers.com" }, { "slug": "ransomware-victim-i-sys-auditteam", "title": "Ransomware Victim: I-SYS (AuditTeam)", "date": "2026-06-25", "tags": [ "anggipradana", "ransomware", "auditteam" ], "actor": "auditteam", "threat_type": "ransomware", "country": "Russia", "sector": "Technology", "ttps": [], "iocs": [], "summary": "I-SYS Victima de ransomware reportada en el dashboard de AuditTeam. CampoValor GrupoAuditTeam PaisRU SectorTechnology Fecha2026-06-25T04:20:19.047045+00:00 Detalles I-SYS is a Russian software development and business automation company with 25 years of experience, offering custom development, digit…", "victim_domain": "" }, { "slug": "ransomware-victim-isoplus-qilin", "title": "Ransomware Victim: ISOPLUS (qilin)", "date": "2026-06-25", "tags": [ "anggipradana", "ransomware", "qilin" ], "actor": "qilin", "threat_type": "ransomware", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "ISOPLUS Victima de ransomware reportada en el dashboard de qilin. CampoValor Grupoqilin PaisGR SectorBusiness Services Fecha2026-06-25T03:55:16.274235+00:00 Detalles N\/A Referencias Ransomware Dashboard Fuente original", "victim_domain": "" }, { "slug": "ransomware-group-0apt", "title": "Ransomware Group: 0apt", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "0apt" ], "actor": "0apt", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: 0apt Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion The group appears unreliable. Most, if not all, of its alleged victims cannot be verified and appear to be randomly selected organizations. WE HAVE DECIDED TO REMOVE ENTRIES FOR THIS G…", "victim_domain": "" }, { "slug": "ransomware-group-0day-syndicate", "title": "Ransomware Group: 0day Syndicate", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "0day-syndicate" ], "actor": "0day-syndicate", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: 0day Syndicate Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-0mega", "title": "Ransomware Group: 0mega", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "0mega" ], "actor": "0mega", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: 0mega Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion 0mega is a double-extortion ransomware group that emerged in May 2022, targeting businesses across multiple sectors worldwide by encrypting files and threatening to leak stolen data; …", "victim_domain": "" }, { "slug": "ransomware-group-8base", "title": "Ransomware Group: 8base", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "8base" ], "actor": "8base", "threat_type": "threat-actor", "country": "United States", "sector": "", "ttps": [], "iocs": [ { "type": "Domain", "value": "github.com", "context": "Extraido del contenido" } ], "summary": "Grupo Ransomware: 8base Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion The 8base Ransomware group made its first appearance in early March 2022, remaining somewhat quiet after the attacks. This group operates like other ransomware actors, engaging in dou…", "victim_domain": "" }, { "slug": "ransomware-group-alp-001", "title": "Ransomware Group: ALP-001", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "alp-001" ], "actor": "alp-001", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ALP-001 Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion ⚠️ The group appears unreliable. Most, if not all, of its alleged victims cannot be verified. WE HAVE DECIDED TO REMOVE ENTRIES FOR THIS GROUP Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-abrahams-ax", "title": "Ransomware Group: Abrahams_Ax", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "abrahams-ax" ], "actor": "abrahams-ax", "threat_type": "threat-actor", "country": "Iran", "sector": "Government", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Abrahams_Ax Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Abraham's Ax is an Iranian-linked hacktivist persona tied to Moses Staff that emerged in November 2022, primarily targeting Saudi Arabian government institutions for geopol…", "victim_domain": "" }, { "slug": "ransomware-group-ailock", "title": "Ransomware Group: AiLock", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "ailock" ], "actor": "ailock", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: AiLock Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion AiLock is a ransomware operation that emerged in early 2025, marketing itself as AI-assisted ransomware using a hybrid ChaCha20\/NTRUEncrypt encryption scheme and double-extortion tac…", "victim_domain": "" }, { "slug": "ransomware-group-auditteam", "title": "Ransomware Group: AuditTeam", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "auditteam" ], "actor": "auditteam", "threat_type": "threat-actor", "country": "Unknown", "sector": "Manufacturing", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: AuditTeam Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion AuditTeam is a small ransomware group with approximately 5 known victims, primarily targeting organizations in East and Southeast Asia across technology and manufacturing sectors,…", "victim_domain": "" }, { "slug": "ransomware-group-black-x", "title": "Ransomware Group: Black X", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "black-x" ], "actor": "black-x", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Black X Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-braincipher", "title": "Ransomware Group: BrainCipher", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "braincipher" ], "actor": "braincipher", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: BrainCipher Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Brain Cipher emerged in July 2024. Both Windows and Linux variants are available. Brain Cipher using the leaked build of LockBit Black for their operations. The group suspected …", "victim_domain": "" }, { "slug": "ransomware-group-cmdorganization", "title": "Ransomware Group: CMDOrganization", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "cmdorganization" ], "actor": "cmdorganization", "threat_type": "threat-actor", "country": "Unknown", "sector": "Software", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: CMDOrganization Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion CMD is a new kind of company that specializes in corporate system security and in identifying vulnerabilities across all aspects of the software used by a company. CMD opera…", "victim_domain": "" }, { "slug": "ransomware-group-contfr", "title": "Ransomware Group: ContFR", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "contfr" ], "actor": "contfr", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ContFR Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion RAAS - Ransomware intégré à un fichier PDF, à faire ouvrir à vos victimes ou à insérer vous-même, Windows et Mac, ne fonctionne pas sur Linux. Tableau de vitcimes et récupération de …", "victim_domain": "" }, { "slug": "ransomware-group-deadlock", "title": "Ransomware Group: Deadlock", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "deadlock" ], "actor": "deadlock", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Deadlock Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-eldorado", "title": "Ransomware Group: ElDorado", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "eldorado" ], "actor": "eldorado", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ElDorado Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion In September The El Dorado ransomware group have been rebrand as BlackLock Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-gdlockersec", "title": "Ransomware Group: GDLockerSec", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "gdlockersec" ], "actor": "gdlockersec", "threat_type": "threat-actor", "country": "China", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: GDLockerSec Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Our team members are from different countries and we are not interested in anything else, we are only interested in dollars. We do not allow CIS, Cuba, North Korea and China to …", "victim_domain": "" }, { "slug": "ransomware-group-imncrew", "title": "Ransomware Group: IMNCrew", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "imncrew" ], "actor": "imncrew", "threat_type": "threat-actor", "country": "Indonesia", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: IMNCrew Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion IMN Crew is a data extortion and ransomware group that emerged in late March 2025, primarily targeting financial services organizations in the US, Croatia, and Indonesia by exploiti…", "victim_domain": "" }, { "slug": "ransomware-group-icarus", "title": "Ransomware Group: Icarus", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "icarus" ], "actor": "icarus", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Icarus Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-j", "title": "Ransomware Group: J", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "j" ], "actor": "j", "threat_type": "threat-actor", "country": "Germany", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: J Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion J is an emerging ransomware group that launched its leak site in May 2025, claiming over 41 victims by late 2025 including FAI Aviation Group (Germany), operating primarily as a leak-site…", "victim_domain": "" }, { "slug": "ransomware-group-leakbazaar", "title": "Ransomware Group: LeakBazaar", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "leakbazaar" ], "actor": "leakbazaar", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: LeakBazaar Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-loki", "title": "Ransomware Group: Loki", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "loki" ], "actor": "loki", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Loki Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-payday", "title": "Ransomware Group: Payday", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "payday" ], "actor": "payday", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Payday Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-prinzeugen", "title": "Ransomware Group: PrinzEugen", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "prinzeugen" ], "actor": "prinzeugen", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: PrinzEugen Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-runsomewares", "title": "Ransomware Group: RunSomeWares", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "runsomewares" ], "actor": "runsomewares", "threat_type": "threat-actor", "country": "Unknown", "sector": "Manufacturing", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: RunSomeWares Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion RunSomeWares is an emerging ransomware group that surfaced in February 2025 with initial victims across supply-chain services, financial services, accounting, and manufacturing…", "victim_domain": "" }, { "slug": "ransomware-group-sensayq", "title": "Ransomware Group: SenSayQ", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "sensayq" ], "actor": "sensayq", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: SenSayQ Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion SenSayQ is an emerging ransomware actor that appeared in mid-2024 using a leaked LockBit 3.0 builder for double-extortion attacks; Group-IB links it operationally to the Brain Ciphe…", "victim_domain": "" }, { "slug": "ransomware-group-sevyware", "title": "Ransomware Group: SevyWare", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "sevyware" ], "actor": "sevyware", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: SevyWare Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-shadowbyt3s", "title": "Ransomware Group: ShadowByt3$", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "shadowbyt3s" ], "actor": "shadowbyt3s", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ShadowByt3$ Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion ShadowByt3$ is a ransomware-as-a-service group first observed in October 2025, using multi-method extortion and communicating via Telegram and Tox, with a very small confirmed v…", "victim_domain": "" }, { "slug": "ransomware-group-shinysp1d3r", "title": "Ransomware Group: ShinySp1d3r", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "shinysp1d3r" ], "actor": "shinysp1d3r", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ShinySp1d3r Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Likely associated with the cybercrime group BlingLibra (ShinyHunters) Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-silentransomgroup", "title": "Ransomware Group: SilentRansomGroup", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "silentransomgroup" ], "actor": "silentransomgroup", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: SilentRansomGroup Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion a former Conti team Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-timc", "title": "Ransomware Group: TiMc", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "timc" ], "actor": "timc", "threat_type": "threat-actor", "country": "United States", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: TiMc Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion TiMc is a ransomware group that emerged in early 2026, claiming high-impact attacks against Spanish IT services leader Seidor (1 TB+ data) and oncology organization Oncologica (100 GB+…", "victim_domain": "" }, { "slug": "ransomware-group-triple-x", "title": "Ransomware Group: Triple X", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "triple-x" ], "actor": "triple-x", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: Triple X Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Sin descripcion. Referencias Ransomware Dashboard", "victim_domain": "" }, { "slug": "ransomware-group-valencialeaks", "title": "Ransomware Group: ValenciaLeaks", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "valencialeaks" ], "actor": "valencialeaks", "threat_type": "threat-actor", "country": "Unknown", "sector": "Pharmaceutical", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ValenciaLeaks Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion ValenciaLeaks is a data-extortion group that surfaced in August–September 2024, focused on exfiltrating large volumes of data and publishing it on a dedicated leak site, with …", "victim_domain": "" }, { "slug": "ransomware-group-vanhelsing", "title": "Ransomware Group: VanHelsing", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "vanhelsing" ], "actor": "vanhelsing", "threat_type": "threat-actor", "country": "France", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: VanHelsing Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion VanHelsing is a multi-platform RaaS operation that launched on March 7, 2025, requiring a $5,000 affiliate deposit and splitting ransoms 80\/20, supporting Windows, Linux, BSD, AR…", "victim_domain": "" }, { "slug": "ransomware-group-agl0bgvycg", "title": "Ransomware Group: aGl0bGVyCg", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "agl0bgvycg" ], "actor": "agl0bgvycg", "threat_type": "threat-actor", "country": "United States", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: aGl0bGVyCg Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion "aGl0bGVyCg" (Base64 for "hitler") is a reference to the Hitler-Ransomware (2016), a German-origin proof-of-concept that displayed a Hitler image, did not act…", "victim_domain": "" }, { "slug": "ransomware-group-abyss", "title": "Ransomware Group: abyss", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "abyss" ], "actor": "abyss", "threat_type": "threat-actor", "country": "United Kingdom", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: abyss Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Abyss (also known as Abyss Locker) is a ransomware operation first identified in March 2023, derived from the Babuk source code, that targets Windows and Linux\/VMware ESXi systems usi…", "victim_domain": "" }, { "slug": "ransomware-group-adminlocker", "title": "Ransomware Group: adminlocker", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "adminlocker" ], "actor": "adminlocker", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: adminlocker Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion AdminLocker is a relatively low-profile ransomware strain first observed around December 2021, encrypting victim files and demanding Bitcoin ransom via a Tor-based portal, opera…", "victim_domain": "" }, { "slug": "ransomware-group-againstthewest", "title": "Ransomware Group: againstthewest", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "againstthewest" ], "actor": "againstthewest", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: againstthewest Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion AgainstTheWest (ATW) is a hacktivist group active since October 2021 that targets governments and corporations perceived as authoritarian, breaching organizations like Alibab…", "victim_domain": "" }, { "slug": "ransomware-group-akira", "title": "Ransomware Group: akira", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "akira" ], "actor": "akira", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [ { "type": "File", "value": "akira_readme.txt", "context": "Artefacto observado" }, { "type": "File", "value": "megazord.exe", "context": "Artefacto observado" }, { "type": "Domain", "value": "github.com", "context": "Extraido del contenido" } ], "summary": "Grupo Ransomware: akira Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion The Akira ransomware group is said to have emerged in March 2023, and there's much speculation about its ties to the former CONTI ransomware group.<br> <br> It's…", "victim_domain": "" }, { "slug": "ransomware-group-ako", "title": "Ransomware Group: ako", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "ako" ], "actor": "ako", "threat_type": "threat-actor", "country": "United States", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: ako Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion A Windows ransomware that will run certain tasks to prepare the target system for the encryption of files. MedusaLocker avoids executable files, probably to avoid rendering the targeted…", "victim_domain": "" }, { "slug": "ransomware-group-alphalocker", "title": "Ransomware Group: alphalocker", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "alphalocker" ], "actor": "alphalocker", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: alphalocker Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion AlphaLocker is a low-cost ransomware operation built on the EDA2 open-source project that sells affiliates an admin panel, ransomware executable, and decryption key generator, l…", "victim_domain": "" }, { "slug": "ransomware-group-alphv", "title": "Ransomware Group: alphv", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "alphv" ], "actor": "alphv", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [ { "type": "Domain", "value": "github.com", "context": "Extraido del contenido" } ], "summary": "Grupo Ransomware: alphv Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion The operators of the ALPHV\/BlackCat ransomware began their activity in December 2021, making posts on Dark Web forums to promote their affiliate program, offering other actors the opp…", "victim_domain": "" }, { "slug": "ransomware-group-anubis", "title": "Ransomware Group: anubis", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "anubis" ], "actor": "anubis", "threat_type": "threat-actor", "country": "Unknown", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: anubis Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Anubis is a ransomware-as-a-service group active since December 2024 that targets healthcare, engineering, construction, and professional services sectors, offering affiliates a flex…", "victim_domain": "" }, { "slug": "ransomware-group-apos", "title": "Ransomware Group: apos", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "apos" ], "actor": "apos", "threat_type": "threat-actor", "country": "Unknown", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: apos Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Apos is a data-broker extortion group that surfaced in April 2024, focusing on data exfiltration and threatening to publish or sell stolen information rather than encrypting files, tar…", "victim_domain": "" }, { "slug": "ransomware-group-apt73", "title": "Ransomware Group: apt73", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "apt73" ], "actor": "apt73", "threat_type": "threat-actor", "country": "Unknown", "sector": "", "ttps": [], "iocs": [ { "type": "Domain", "value": "github.com", "context": "Extraido del contenido" } ], "summary": "Grupo Ransomware: apt73 Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion A new ransomware group is said to have emerged in mid-April 2024, under the name 'APT73.' It's worth noting that the group reportedly self-proclaimed as an APT, which s…", "victim_domain": "" }, { "slug": "ransomware-group-arcusmedia", "title": "Ransomware Group: arcusmedia", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "arcusmedia" ], "actor": "arcusmedia", "threat_type": "threat-actor", "country": "United States", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: arcusmedia Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Arcus Media is a ransomware-as-a-service group that emerged in May 2024, employing double extortion with ChaCha20 + RSA-2048 encryption and recruiting affiliates via a referral-b…", "victim_domain": "" }, { "slug": "ransomware-group-argonauts", "title": "Ransomware Group: argonauts", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "argonauts" ], "actor": "argonauts", "threat_type": "threat-actor", "country": "Unknown", "sector": "Healthcare", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: argonauts Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Argonauts is a ransomware group that emerged in September 2024, operating a double-extortion model targeting logistics, healthcare, energy, and telecom sectors, with approximately…", "victim_domain": "" }, { "slug": "ransomware-group-arkana", "title": "Ransomware Group: arkana", "date": "2026-06-25", "tags": [ "anggipradana", "group", "ransomware", "arkana" ], "actor": "arkana", "threat_type": "threat-actor", "country": "Unknown", "sector": "Telecom", "ttps": [], "iocs": [], "summary": "Grupo Ransomware: arkana Perfil del grupo segun ransomware.anggipradana.com. CampoValor Alias Pais Estado Descripcion Arkana is a ransomware group that emerged in early 2025 and gained attention by claiming an attack on U.S. broadband provider WideOpenWest (WOW!), operating a three-phase ransom\/sale…", "victim_domain": "" } ] }