← Back to Ransomware Tracker

Hellcat

Inactive
20 Victims
Oct 25, 2024 First Discovered
Apr 7, 2025 Last Discovered
343 Days Inactive
75% Infostealer
0/7 Sites Online
Top Countries
US 6
CN 2
SE 1
PL 1
ES 1
CH 1
DE 1
TR 1
ID 1
TZ 1
Top Sectors
Technology 8
Education 3
Government 2
Financial Services 1
Telecommunication 1
Financial 1
Business Services 1
Energy 1
Known Locations (7)
DDoS Protection
hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion
404 Not Found
hellcakbszllztlyqbjzwcbdhfrodx55wq77kmftp4bhnhsnn5r3odad.onion
HellCat - Blog
hellcatdcy653ma43t2ryf2ztw5yfanqsbfmapndbqvteh5itctoijyd.onion
HellCat - Blog
hellcatdnrsu4i5uctbklunpfyv2ppiioh5sb3leu4dfgizinrve3gqd.onion
HellCat - Blog
hellcatdohzngkuh7zruzhi2wojrawbnzbyzljtkw6iluv5ussfer4id.onion
HellCat - Blog
hellcatdue7rasyoi4oh6t3fhra5bpcj5t6xmrm4vjicfqdvrl24ijid.onion
hellcatj6xgvho4qxnr2nbzzthsqel577i5wvzcpfjgavbo3d5l657id.onion
Intelligence
📄 2 Ransom Notes
View the actual ransom notes used by this group
Victims (20)
CVTE
CN Technology Discovered: Apr 7, 2025 · Attack est.: Apr 7, 2025
We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships.
P**o***
Discovered: Apr 7, 2025 · Attack est.: Apr 7, 2025
We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning.
Potomac Financial Services
US Financial Services Discovered: Apr 10, 2025 · Attack est.: Apr 7, 2025
We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning.
LeoVegas AB
SE Telecommunication Discovered: Apr 5, 2025 · Attack est.: Apr 5, 2025
We have compromised the internal systems of LeoVegas AB. The data in our possession threatens their operations, regulatory compliance, and customer trust.
Racami
US Technology Discovered: Apr 5, 2025 · Attack est.: Apr 5, 2025
Jiraware
Asseco
PL Technology Discovered: Apr 5, 2025 · Attack est.: Apr 5, 2025
Jiraware
Transsion Holdings
CN Technology Discovered: Mar 29, 2025 · Attack est.: Mar 29, 2025
We hold almost 70GB of sensitive data from Transsion, a leading mobile device provider with $8.6B in revenue. This includes emails, internal communications, source codes, project planning, and data from...
Omnitracs
US Technology Discovered: Mar 25, 2025 · Attack est.: Mar 24, 2025
We hold sensitive files from Omnitracs, a leading provider of fleet management and logistics solutions. The company must act swiftly to prevent the exposure of this data.
Grupo Santillana
ES Education Discovered: Mar 25, 2025 · Attack est.: Mar 24, 2025
We hold sensitive files from Santillana, the largest business unit of Spain’s publicly traded Prisa media group. The company must act quickly to prevent the exposure of this data.
HighWire Press
US Technology Discovered: Apr 5, 2025 · Attack est.: Mar 18, 2025
Jiraware
Ascom Holding AG
CH Technology Discovered: Mar 16, 2025 · Attack est.: Mar 19, 2026
44GB of sensitive data including internal reports, sales documents, confidential contracts, development tools, and source code stolen from Ascom.
OneDealer
DE Discovered: Feb 28, 2025 · Attack est.: Feb 25, 2025
We have obtained over 330,000 records from OneDealer partners, including sales reports, leads, customer data, and vehicle details with VINs and license plates. Affected companies include AutoHellas, AutoBesikos, KosmoCar, AWT,...
Car Care Plan - Turkey
TR Financial Discovered: Dec 26, 2024 · Attack est.: Dec 26, 2024
We have successfully stolen over50 GBof data from Car Care Plan, including financial records with sensitive information, legal documents and statements, customer records, along with internal documents and records. All...
Sistem Informasi Pengelolaan Keuangan Daerah (SIPKD)
ID Government Discovered: Dec 25, 2024 · Attack est.: Dec 25, 2024
We have successfully stolen82 GBof data, including backups, from the e-Finance system of Blora Regency, known as theSistem Informasi Pengelolaan Keuangan Daerah (SIPKD). The data spans from 2018 to the...
Pinger - USA
US Business Services Discovered: Dec 25, 2024 · Attack est.: Dec 25, 2024
We have successfully breached Pinger, obtaining 111 GB of sensitive data. This includes over 9 million user records, private messages, voice messages, internal tools such as phone number lookup and...
College of Business - Tanzania
TZ Education Discovered: Nov 4, 2024 · Attack est.: Nov 4, 2024
We have released over 500,000 records from Tanzania’s College of Business Education, containing student names, phone numbers, emails, and additional data, including possible billing information.
Ministry of Education - Jordan
JO Education Discovered: Nov 4, 2024 · Attack est.: Nov 4, 2024
We have successfully accessed and compromised a range of sensitive documents from Jordan's Ministry of Education. This includes images of identification cards, divorce papers, and various letters addressed to the...
Schneider Electric - France
FR Energy Discovered: Nov 4, 2024 · Attack est.: Nov 4, 2024
[IA generated] Schneider Electric, based in France, is a global leader in energy management and automation. The company focuses on digital transformation by integrating world-leading process and energy technologies. It...
The Knesset - Israel
IL Government Discovered: Oct 25, 2024 · Attack est.: Oct 25, 2024
We have successfully compromised the Knesset's secure networks and extracted 64GB of sensitive data. This includes internal communications and confidential documents.
Electronics For Imaging
US Technology Discovered: Mar 17, 2025 · Attack est.: Mar 19, 2026
We hold 19GB of sensitive files from Electronics For Imaging, Inc., including critical corporate data that could jeopardize the company's operations, client relationships, and reputation if released publicly.
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Tracker