← Back to Ransomware Chk

Xinglocker

Inactive
XingLocker is a ransomware group that emerged in May 2021 as part of a franchise-style RaaS model built on a customized MountLocker payload, using IcedID for initial access and Windows Active Directory APIs for worm-style lateral movement across networks.
21 Victims
Apr 28, 2021 First Discovered
Oct 26, 2021 Last Discovered
1650 Days Inactive
0% Infostealer
0/1 Sites Online
Top Countries
US 2
Top Sectors
Manufacturing 4
Healthcare 3
Business Services 2
Financial Services 2
Construction 1
Transportation/Logistics 1
Energy 1
Technology 1
Public Sector 1
Known Locations (1)
星Team News
xingnewj6m4qytljhfwemngm7r7rogrindbq7wrfeepejgxc3bwci7qd.onion
Tools Used
DiscoveryEnum
AdFind, Bloodhound, PowerView, ShareFinder
Offsec
Cobalt Strike
Victims (21)
Wayne Automatic Fire Sprinklers, Inc.
Construction Discovered: Oct 26, 2021 · Attack est.: Oct 26, 2021
Tilia GmbH. TILIA GROUP
Manufacturing Discovered: Oct 8, 2021 · Attack est.: Oct 8, 2021
J.Irwin Company
Discovered: Aug 16, 2021 · Attack est.: Aug 16, 2021
DiaSorin
Discovered: Jul 7, 2021 · Attack est.: Jul 7, 2021
Greenwood Fabricating & Plating
Manufacturing Discovered: Jun 2, 2021 · Attack est.: Jun 2, 2021
Positive Promotions, Inc.
Business Services Discovered: Jun 1, 2021 · Attack est.: Jun 1, 2021
AQUALUNG
Manufacturing Discovered: Jun 1, 2021 · Attack est.: Jun 1, 2021
Sharafi Group Investments
Financial Services Discovered: May 26, 2021 · Attack est.: May 26, 2021
T.I.S. Group
Discovered: May 23, 2021 · Attack est.: May 23, 2021
Coastal Family Health Center
Healthcare Discovered: May 23, 2021 · Attack est.: May 23, 2021
OSF Healthcare System
Healthcare Discovered: May 17, 2021 · Attack est.: May 17, 2021
Solen A.S
Discovered: May 13, 2021 · Attack est.: May 13, 2021
LineStar
Discovered: May 13, 2021 · Attack est.: May 13, 2021
CBN Logistic
Transportation/Logistics Discovered: May 13, 2021 · Attack est.: May 13, 2021
Desert Plastering LLC
US Financial Services Discovered: May 12, 2021 · Attack est.: May 12, 2021
Gulfeagle Supply
Energy Discovered: May 10, 2021 · Attack est.: May 10, 2021
Bridgelux, Inc.
Technology Discovered: May 5, 2021 · Attack est.: May 5, 2021
Washoe Tribe
US Public Sector Discovered: May 5, 2021 · Attack est.: May 5, 2021
GlobeMed Saudi
Healthcare Discovered: May 5, 2021 · Attack est.: May 5, 2021
Pezzuto Group
Business Services Discovered: Apr 28, 2021 · Attack est.: Apr 28, 2021
NAVNIT GROUP
Manufacturing Discovered: Apr 28, 2021 · Attack est.: Apr 28, 2021
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Chk