Inactive ransomware operator
← All groupsDarkrace
10 victims indexed · first seen 3 years ago · last activity 3 years ago
At a glance
- Status
- inactive
- First seen
- 3 years ago
- Last activity
- 3 years ago
- Onion sites
- 1 known endpoint
About
References
6 linksExternal sources curated by the MISP threat-intel community.
- ransomlook.io/group/darkrace
- broadcom.com/support/security-center/protection-bulletin/darkrace-ransomware
- trendmicro.com/vinfo/be/threat-encyclopedia/malware/ransom.win32.darkrace.thcofbd
- helpnetsecurity.com/2024/07/08/decryptor-donex-muse-darkrace-fake-lockbit-3-0/
- petikvx.github.io/2024/06/20/darkrace-ransomware.html
- salvagedata.com/blog/darkrace-ransomware
Timeline
2 monthsTop countries
MITRE ATT&CK
4 techniques · 4 tacticsTactics
Recent victims
Loading…
Onion infrastructure
1 known- http://wkrlpub5k52rjigwxfm6m7ogid55kamgc5azxlq7zjgaopv33tgx2sqd.onion
Source
Updated 3 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
Get alerted the next time Darkrace posts a victim.
Add Darkrace to your watchlist — Pro pings you within 5 minutes of any new Darkrace leak-site post, Telegram callout, or affiliate-rebrand inference.

