← Back to Ransomware Chk
Icefire
Inactive
IceFire is a ransomware group first observed in 2022 that expanded to Linux in early 2023 by exploiting a vulnerability in IBM Aspera Faspex (CVE-2022-47986), targeting media and entertainment organizations in Turkey, Iran, Pakistan, and the UAE using double-extortion tactics.
11
Victims
Aug 20, 2022
First Discovered
Aug 20, 2022
Last Discovered
1353
Days Inactive
0%
Infostealer
0/2
Sites Online
Top Sectors
Technology 7
Education 1
Financial Services 1
Consumer Services 1
Manufacturing 1
Known Locations (2)
Leakage List
kf6x3mjeqljqxjznaw65jixin7dpcunfxbbakwuitizytcpzn4iy5bad.onion
Leakage List
7kstc545azxeahkduxmefgwqkrrhq3mzohkzqvrv7aekob7z3iwkqvyd.onion
Victims (11)
*.algotrader.com
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.bestservers.pro
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.iperactive.com.ar
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.cco1.com
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.vps-vds.com
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.guneshosting.com
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.kodhosting.com
Technology
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.kru.ac.th
Education
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.directfn.net
Financial Services
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.feesh.ch
Consumer Services
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022
*.skifgroup.com
Manufacturing
Discovered: Aug 20, 2022 · Attack est.: Aug 20, 2022