Active ransomware operator
← All groupsCrylock
aka Cryakl · 0 victims indexed · last activity 5 years ago
0
Victims indexed
—
Active period
—
Countries hit
At a glance
- Status
- active
- Aliases
- Cryakl
- First seen
- —
- Last activity
- 5 years ago
- Onion sites
- 1 known endpoint
About
Auto-discovered from ransomware tracking sources
References
19 linksExternal sources curated by the MISP threat-intel community.
- bartblaze.blogspot.com/2016/02/vipasana-ransomware-new-ransom-on-block.html
- blog.checkpoint.com/2015/11/04/offline-ransomware-encrypts-your-data-without-cc-communication/
- hackmag.com/security/ransomware-russian-style/
- ke-la.com/the-ideal-ransomware-victim-what-attackers-are-looking-for/
- securelist.com/cis-ransomware/104452/
- securelist.com/the-return-of-fantomas-or-how-we-deciphered-cryakl/86511/
- securelist.ru/shifrovalshhik-cryakl-ili-fantomas-razbushevalsya/24070/
- twitter.com/albertzsigovits/status/1217866089964679174
- twitter.com/bartblaze/status/1305197264332369920
- twitter.com/demonslay335/status/971164798376468481
- elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
- sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Cryakl-B/detailed-analysis.aspx
- telekom.com/en/blog/group/article/lockdata-auction-631300
- ransomlook.io/group/crylock
- pcrisk.com/removal-guides/16814-crylock-ransomware
- trendmicro.com/vinfo/us/threat-encyclopedia/malware/ransom.win32.crylock.h
- alartindex.com
- singleton.com/blog/describing-crylock-ransomware
- watchguard.com/
Recent victims
Loading…
Onion infrastructure
1 known- http://d57uremugxjrafyg.onion
Source
Updated 5 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.