← Back to Ransomware Chk

Helldown

Inactive
Helldown is an aggressive ransomware group first documented in August 2024, known for exploiting Zyxel firewall vulnerabilities to gain initial access and conducting large-scale data exfiltration averaging 70 GB per victim, targeting IT services, telecommunications, manufacturing, and healthcare primarily in the US.
36 Victims
Aug 13, 2024 First Discovered
Nov 6, 2024 Last Discovered
543 Days Inactive
0% Infostealer
0/2 Sites Online
Top Countries
US 9
DE 4
IT 3
FR 2
CH 2
GB 2
LB 2
PL 2
JP 1
RU 1
Top Sectors
Business Services 8
Healthcare 6
Manufacturing 4
Consumer Services 3
Technology 3
Energy 3
Transportation/Logistics 2
Public Sector 1
Financial Services 1
Known Locations (2)
Helldown Leaks
onyxcym4mjilrsptk5uo2dhesbwntuban55mvww2olk5ygqafhu3i3yd.onion
Helldown Leaks
onyxcgfg4pjevvp5h34zvhaj45kbft3dg5r33j5vu3nyp7xic3vrzvad.onion
Tools Used
CredentialTheft
Mimikatz
DefenseEvasion
HRSword
DiscoveryEnum
Advanced Port Scanner
LOLBAS
PsExec
RMM-Tools
TeamViewer
Victims (36)
AMERICANVENTURE
US Business Services Discovered: Nov 6, 2024 · Attack est.: Nov 6, 2024
americanventures.com
CSIKBS
JP Consumer Services Discovered: Nov 6, 2024 · Attack est.: Nov 6, 2024
www.csikitchenandbath.com
SMARTS-ENGINEER
RU Technology Discovered: Nov 6, 2024 · Attack est.: Oct 27, 2024
www.smarts-engineering.de
lacliniqueducoureur
CA Healthcare Discovered: Nov 6, 2024 · Attack est.: Oct 24, 2024
lacliniqueducoureur.com
TIVOLI-33
FR Healthcare Discovered: Nov 6, 2024 · Attack est.: Oct 22, 2024
tivoli-33.org
qualiform.cz
CZ Manufacturing Discovered: Nov 6, 2024 · Attack est.: Oct 21, 2024
www.qualiform.cz
children
IN Consumer Services Discovered: Nov 6, 2024 · Attack est.: Oct 11, 2024
generaldentistryforchildren.com
VALLEYFIRM
HK Business Services Discovered: Nov 6, 2024 · Attack est.: Oct 10, 2024
valleyfirm.com
SANJACINTOCOUNY
US Public Sector Discovered: Nov 6, 2024 · Attack est.: Oct 10, 2024
www.co.san-jacinto.tx.us
compassfs
US Financial Services Discovered: Nov 6, 2024 · Attack est.: Oct 10, 2024
www.compassfs.net
knoxlawcenter
US Business Services Discovered: Nov 6, 2024 · Attack est.: Oct 9, 2024
www.knoxlawcenter.com
hausdesstiftens.org
DE Healthcare Discovered: Nov 6, 2024 · Attack est.: Oct 7, 2024
hausdesstiftens.org
fuelco
Energy Discovered: Nov 6, 2024 · Attack est.: Sep 30, 2024
fuelco-us.com
nightnurse.ch
CH Healthcare Discovered: Nov 6, 2024 · Attack est.: Sep 12, 2024
www.nightnurse.ch
klinkamkurpark
DE Healthcare Discovered: Nov 6, 2024 · Attack est.: Aug 26, 2024
klinik-am-kurpark.de
HBGJEWISHCOMMUN
US Consumer Services Discovered: Aug 24, 2024 · Attack est.: Aug 24, 2024
www.jewishharrisburg.org
barryavenueplating
US Manufacturing Discovered: Aug 23, 2024 · Attack est.: Aug 23, 2024
www.barryavenueplating.com
kbosecurity.co.uk
GB Business Services Discovered: Aug 21, 2024 · Attack est.: Aug 21, 2024
kbosecurity.co.uk
khonaysser.com
LB Energy Discovered: Aug 21, 2024 · Attack est.: Aug 21, 2024
khonaysser.com
BARRYAVEPLATING
US Manufacturing Discovered: Aug 21, 2024 · Attack est.: Aug 21, 2024
BARRYAVEPLATING
RSK-IMMOBILIEN
DE Business Services Discovered: Aug 21, 2024 · Attack est.: Aug 21, 2024
RSK-IMMOBILIEN
ATP
IT Business Services Discovered: Aug 20, 2024 · Attack est.: Aug 20, 2024
atpsassari.it
Khonaysser
LB Energy Discovered: Aug 19, 2024 · Attack est.: Aug 19, 2024
Khonaysser
kbo
GB Discovered: Aug 18, 2024 · Attack est.: Aug 18, 2024
Here's something encrypted, password is required to continue reading.
zyxel
NL Technology Discovered: Aug 17, 2024 · Attack est.: Aug 17, 2024
Zyxel.eu is a European branch of Zyxel Communications Corporation, a global leader in networking solutions. It specializes in providing innovative and reliable internet connectivity products and services, including routers, switches,...
cincinnatipainphysicians
US Healthcare Discovered: Aug 22, 2024 · Attack est.: Aug 14, 2024
www.cincinnatipainphysicians.com
SCHLATTNER
DE Discovered: Aug 13, 2024 · Attack est.: Aug 13, 2024
deganis
FR Discovered: Aug 13, 2024 · Attack est.: Aug 13, 2024
hugwi
CH Technology Discovered: Aug 13, 2024 · Attack est.: Aug 12, 2024
Hugwi.ch is a Swiss-based company specializing in providing cutting-edge digital solutions, with a focus on web development, e-commerce, and custom software. They offer tailored services to businesses, enhancing their online...
briju
PL Business Services Discovered: Aug 13, 2024 · Attack est.: Aug 10, 2024
vindix
PL Discovered: Aug 13, 2024 · Attack est.: Aug 10, 2024
Albatros
IT Discovered: Aug 13, 2024 · Attack est.: Aug 10, 2024
AZIENDA TRASPORTI PUBBLICI S.P.A.
IT Transportation/Logistics Discovered: Aug 13, 2024 · Attack est.: Aug 9, 2024
cbmm
BR Manufacturing Discovered: Aug 13, 2024 · Attack est.: Aug 8, 2024
XPERT Business Solutions GmbH
AT Business Services Discovered: Aug 13, 2024 · Attack est.: Aug 4, 2024
MyFreightWorld
US Transportation/Logistics Discovered: Aug 13, 2024 · Attack est.: Aug 4, 2024
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Chk