Ransomexx

Active

RansomExx is a ransomware family that targeted multiple companies starting in mid-2020. It shares commonalities with Defray777.

83 Victims

May 13, 2020 First Discovered

Mar 6, 2025 Last Discovered

378 Days Inactive

26.1% Infostealer

1/1 Sites Online

Top Countries

US 9

IN 2

IT 2

BR 2

CA 2

FR 2

GB 1

VE 1

MX 1

TW 1

Top Sectors

Technology 4

Business Services 4

Healthcare 3

Information Technology 3

Manufacturing 3

Financial Services 2

Government 2

Critical Manufacturing 2

Government Facilities 2

Transportation Systems 2

Known Locations (1)

RansomEXX v2

rnsm777cdsjrsdlbs4v5qoeppu3px6sb2igmh53jzrx7ipcrbjz5b2ad.onion

Tools Used

Exfiltration

RMM-Tools

DiscoveryEnum

Networking

CredentialTheft

LaZagne, Mimikatz, ProcDump

Offsec

Cobalt Strike

DefenseEvasion

LOLBAS

BCDEdit, Windows Event Utility (wevtutil)

Intelligence

📄 5 Ransom Notes
View the actual ransom notes used by this group →

Victims (83)

ADDA (adda.io)

IN Technology Discovered: Mar 7, 2025 · Attack est.: Mar 6, 2025

ADDA is SaaS for Residential Community Management. 12 millions residents, visitors and stuff records leaked.

Makesworth Accountants

GB Financial Services Discovered: Mar 4, 2025 · Attack est.: Feb 8, 2025

Makesworth Accountants is multi-award-winning accountancy practice of a chartered accountant, tax and business advisers. Leak size: 176.4GB.

Lakeshore Title Agency

US Financial Services Discovered: Mar 4, 2025 · Attack est.: Jan 30, 2025

Lakeshore Title Agency has closed over $100 million in commercial transactions and over $700 million in residential refinances and purchases. Leak size: 341GB.

Grupo Vargas

VE Discovered: Mar 4, 2025 · Attack est.: Dec 20, 2024

Laboratorios Vargas stands out in the pharmaceutical sector, not just for its longevity but also through continuous innovation and dedication toward creating high-quality medications tailored to meet diverse healthcare needs....

Retemex

MX Discovered: Sep 14, 2024 · Attack est.: Sep 14, 2024

Retemex is a virtual mobile operator in Mexico, operating on the country’s 4.5G LTE network. 24883 clients data even with PLAINTEXT PASSWORDS!

Brontoo Technology Solutions

IN Technology Discovered: Aug 10, 2024 · Attack est.: Aug 10, 2024

OstaApp, developed by Brontoo Technology Solutions India Private Limited, is a digital payment platform designed to offer a secure, fast, and convenient way to make transactions without relying on traditional...

nursing.com

Healthcare Discovered: Aug 3, 2024 · Attack est.: Aug 3, 2024

NURSING.com is an all-in-one online platform designed to help nursing students succeed in their studies and pass the NCLEX® exam with confidence. It provides a variety of resources, including video...

Planet Group International

US Technology Discovered: Jul 26, 2024 · Attack est.: Jul 26, 2024

Planet Group International is a multinational corporation specializing in innovative technology solutions and consulting services. With a presence in numerous countries, the company focuses on digital transformation, IT infrastructure, software...

LITEON

TW Technology Discovered: Jul 26, 2024

LITEON Technology Corporation, based in Taiwan, is a leading company in the electronics industry known for its diverse range of products. Founded in 1975, LITEON specializes in the development and...

Wagner-Meinert

Business Services Discovered: Jul 12, 2024 · Attack est.: Jul 8, 2024

Wagner-Meinert is a company that specializes in industrial refrigeration, food process systems, and mechanical contracting. They provide services such as design, installation, maintenance, and compliance support for industrial and commercial...

Asteco

AE Business Services Discovered: Apr 22, 2024 · Attack est.: Apr 17, 2024

Asteco is a real estate services firm based in the United Arab Emirates (UAE), with its headquarters in Dubai. It offers a wide range of real estate services including property...

Tyler Technologies

US Information Technology Discovered: Sep 22, 2020

Ministry of Defense of Peru

PE Government Discovered: Apr 22, 2024 · Attack est.: Mar 24, 2024

The Peruvian Ministry of Defense (Ministerio de Defensa del Perú) is the government agency responsible for overseeing the defense and security affairs of Peru. Leaked data size: 763.8GB.

Kenya Airways

KE Discovered: Dec 30, 2023 · Attack est.: Dec 30, 2023

Kenya Airways Ltd., more commonly known as Kenya Airways, is the flag carrier airline of Kenya. The company was founded in 1977, after the dissolution of East African Airways. Its...

AlJaber Engineering

QA Discovered: Nov 26, 2023 · Attack est.: Nov 26, 2023

AlJaber Engineering (JEC) is a leading general contractor based in the State of Qatar.

Admilla ELAP

Discovered: Nov 17, 2023 · Attack est.: Nov 17, 2023

Elap (formerly Admilia) offers its expertise and support throughout the implementation of your budget and accounting solution. Huge clients, financial documents, contracts, personal data and a lot of confidential things...

Telecommunications Services of Trinidad and Tobago

TT Business Services Discovered: Apr 22, 2024 · Attack est.: Oct 27, 2023

Telecommunications Services of Trinidad and Tobago (TSTT) is the primary telecommunications provider in the twin-island nation of Trinidad and Tobago. Leaked data size: 6GB.

Telecommunications Services of Trinidad and Tobago (tstt.co.tt)

Discovered: Oct 27, 2023

tstt.co.tt and bmobile.co.tt. 4293368 customer's lines, ID scans, gitlab projects, db dumps.

DVA - DVision Architecture

Discovered: Jul 1, 2023 · Attack est.: Jul 1, 2023

Dalla digitalizzazione del progetto alla realizzazione di prototipi costruttivi: l’attività di DVA spazia dal concept di un intervento, all’organizzazione logistica di cantiere. Un approccio declinato secondo il connubio tra digitalizzazione...

DVision Architecture

IT Business Services Discovered: Apr 22, 2024 · Attack est.: Jul 1, 2023

Dvision Architecture is a global architecture and design firm known for its innovative approach to architectural projects. Leaked data size: 110GB.

Jacobs Farm

Discovered: Jun 24, 2023 · Attack est.: Jun 24, 2023

Jacobs Farm was founded in 1980 as a small organic family farm dedicated to growing fresh, high quality, delicious food without damaging the environment.

Jacobs Farm / Del Cabo

US Agriculture and Food Production Discovered: Apr 22, 2024 · Attack est.: Jun 24, 2023

Jacobs Farm / Del Cabo is an organic farming company known for its commitment to sustainable agriculture and ethical business practices. Leaked data size: 399GB.

Bettuzzi And Partners

Discovered: Mar 2, 2023 · Attack est.: Mar 2, 2023

Lo Studio BETTUZZI & PARTNERS - Dottori Commercialisti è stato fondato dal dott. Alvaro Bettuzzi, nell'anno 2005, dopo aver maturato significative esperienze nello svolgimento della professione di dottore commercialista. Oltre...

BULOG

Discovered: Feb 22, 2023 · Attack est.: Feb 22, 2023

BULOG adalah perusahaan umum milik negara yang bergerak di bidang logistik pangan.

Badan Urusan Logistik

ID Government Discovered: Apr 22, 2024 · Attack est.: Feb 22, 2023

BULOG, or Badan Urusan Logistik, is the state-owned logistics agency of Indonesia Leaked data size: 12.77GB.

REC Silicon

Discovered: Dec 11, 2022 · Attack est.: Dec 11, 2022

REC Silicon is a global leader in silane-based, high-purity silicon materials.

Unimed Belem

Discovered: Oct 19, 2022 · Attack est.: Oct 19, 2022

A Unimed é a maior realidade cooperativista na área da saúde em todo o mundo e também a maior rede de assistência médica do Brasil, presente em 83% do território...

Consorci Sanitari Integral & Geseme

Discovered: Oct 11, 2022 · Attack est.: Oct 11, 2022

El Consorci Sanitari Integral (CSI) és un ens públic de serveis sanitaris i socials que neix l'any 2000 assumint els antics hospitals de la Creu Roja en la província de...

Consorci Sanitari Integral

ES Healthcare Discovered: Apr 22, 2024 · Attack est.: Oct 11, 2022

Consorci Sanitari Integral (CSI) is a healthcare consortium based in Catalonia, Spain Leaked data size: 52.47GB.

Ferrari

Discovered: Oct 2, 2022 · Attack est.: Oct 2, 2022

Some internal documents, datasheets, repair manuals, etc.

Bombardier Recreational Products (BRP) - SOURCE CODES

Discovered: Oct 1, 2022 · Attack est.: Oct 1, 2022

Here are some codes from BRP's repos. atgk.brp.ApprenticeShopAPI, atgk.brp.ApprenticeShopMobileAppBackend, atgk.brp.Tools.RemoteConnectionManager, BRP - Usine 9 - Tracking, BRP-PP-ALM, EPC, RIM, SAP-BenchStatusMobileApp.

Fundo Nacional de Desenvolvimento da Educação

BR Discovered: Sep 3, 2022 · Attack est.: Sep 3, 2022

The National Fund for Educational Development (FNDE) is a federal agency under the Ministry of Education, responsible for implementing programs nationwide, including the National School Nutrition Program – PNAE, which...

Bombardier Recreational Products (BRP) - BONUS CONTENT (!!!)

Discovered: Aug 24, 2022 · Attack est.: Aug 24, 2022

In addition to previous leak: employees credentials, if you need netflix, battle.net, paypal or pornhub account feel free to use it; employees personal photos/videos; confidential BRP documents from several employees...

Bombardier Recreational Products

CA Manufacturing Discovered: Apr 22, 2024 · Attack est.: Aug 23, 2022

Bombardier Recreational Products (BRP) is a Canadian company that designs, manufactures, distributes, and markets motorized recreational vehicles and powersports engines. Leaked data size: 32.5GB.

Bombardier Recreational Products (BRP)

US Discovered: Aug 23, 2022 · Attack est.: Aug 23, 2022

BRP Inc. is the holding company for Bombardier Recreational Products Inc., operating as BRP, a Canadian manufacturer of snowmobiles, all-terrain vehicles, side by sides, motorcycles, and personal watercraft. It was...

Sonae

Discovered: Apr 5, 2022 · Attack est.: Apr 5, 2022

Stago

Discovered: Mar 29, 2022 · Attack est.: Mar 29, 2022

Scottish Association for Mental Health

Discovered: Mar 20, 2022 · Attack est.: Mar 20, 2022

Viva Air

Discovered: Mar 14, 2022 · Attack est.: Mar 14, 2022

Diagnostica Stago

FR Healthcare Discovered: Apr 22, 2024 · Attack est.: Mar 1, 2022

Diagnostica Stago is a global leader in the field of in-vitro diagnostics, specializing in hemostasis and thrombosis.Leaked data size: 423MB.

POP TV

Discovered: Feb 15, 2022 · Attack est.: Feb 15, 2022

KCA Deutag

Discovered: Jan 28, 2022 · Attack est.: Jan 28, 2022

Hellmann Worldwide Logistics

Discovered: Dec 15, 2021 · Attack est.: Dec 15, 2021

UMW Group

Discovered: Dec 10, 2021 · Attack est.: Dec 10, 2021

Ruwac Industrial Vacuums

US Manufacturing Discovered: Apr 22, 2024 · Attack est.: Dec 6, 2021

Ruwac Industrial Vacuums is a leading manufacturer of industrial vacuum cleaners and vacuum systems designed for specialized cleaning applications in various industries. Leaked data size: 7.79GB.

Ruwac

Discovered: Dec 6, 2021 · Attack est.: Dec 6, 2021

Unione dei Comuni Terre di Pianura

Discovered: Nov 16, 2021 · Attack est.: Nov 16, 2021

Digicel Group

Discovered: Oct 24, 2021 · Attack est.: Oct 24, 2021

Unione Reno Galliera

Discovered: Sep 26, 2021 · Attack est.: Sep 26, 2021

United Carton Industries Company

SA Manufacturing Discovered: Apr 22, 2024 · Attack est.: Sep 20, 2021

United Carton Industries Company (UCIC) is a leading packaging solutions provider based in Saudi Arabia Leaked data size: 26.37GB.

United Carton Industries Company Ltd

Discovered: Sep 20, 2021 · Attack est.: Sep 20, 2021

Ultrapar Participações S.A.