Active ransomware operator
← All groupsAko
aka MedusaReborn · 0 victims indexed · last activity 5 years ago
0
Victims indexed
—
Active period
—
Countries hit
At a glance
- Status
- active
- Aliases
- MedusaReborn
- First seen
- —
- Last activity
- 5 years ago
- Onion sites
- 1 known endpoint
About
Auto-discovered from ransomware tracking sources
References
11 linksExternal sources curated by the MISP threat-intel community.
- digital.nhs.uk/cyber-alerts/2020/cc-3345
- pcrisk.com/removal-guides/16737-ako-ransomware
- pcrisk.com/images/stories/screenshots202001/ako-ransom-note-second_variant.jpg
- pcrisk.com/images/stories/screenshots202004/ako-ransomware-update-2020-04-09-text-file.jpg
- pcrisk.com/images/stories/screenshots202004/ako-update-2020-04-21-text-file.jpg
- pcrisk.com/images/stories/screenshots202004/ako-update-2020-04-21-html-file.jpg
- pcrisk.com/images/stories/screenshots202010/ako-ransomware-update-2020-10-15-text-file.gif
- ransomlook.io/group/ako
- tripwire.com/state-of-security/ako-ransomware-using-spam-attachments-to-target-networks
- attackiq.com/2025/01/09/emulating-ako-ransomware
- sonicwall.com/blog/ako-ransomware-demands-3000-operators-hide-behind-tor
Recent victims
Loading…
Onion infrastructure
1 known- http://kwvhrdibgmmpkhkidrby4mccwqpds5za6uo2thcw5gz75qncv7rbhyad.onion
Source
Updated 5 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.