← Back to Ransomware Tracker
Nefilim
Inactive
According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, which was switched to email communications for payments. Uses AES-128, which is then protected RSA2048.
15
Victims
May 5, 2020
First Discovered
Sep 9, 2021
Last Discovered
1651
Days Inactive
100%
Infostealer
0/1
Sites Online
Top Sectors
Critical Manufacturing 3
Communication 1
Transportation Systems 1
Victims (15)
Atlanta Allergy & Asthma. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Grimmway Farms. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Elliott Group / Cascade Engineering / Unitex Textile Rental Services. Teaser.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Seven Seas. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
The MADSACK Media Group. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Tegut. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
TPG Internet. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Saipa Press. Part 1.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Tegut. Part 2.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
The MADSACK Media Group. Part 2.
Discovered: Sep 9, 2021 · Attack est.: Sep 9, 2021
Whirlpool
Critical Manufacturing
Discovered: Dec 1, 2020 · Attack est.: Dec 1, 2020
DKA (refrigeration and air conditioning specialist, Dussmann Group subsidiary)
DE
Critical Manufacturing
Discovered: Jul 27, 2020 · Attack est.: Jul 27, 2020
Orange (mobile operator)
FR
Communication
Discovered: Jul 4, 2020 · Attack est.: Jul 4, 2020
Fisher and Paykel Appliances
NZ
Critical Manufacturing
Discovered: Jun 1, 2020 · Attack est.: Jun 1, 2020
Toll Group
AU
Transportation Systems
Discovered: May 5, 2020 · Attack est.: May 5, 2020