Active ransomware operator
Diavol
0 victims indexed · last activity 4 years ago
At a glance
- Status: active
- First seen: —
- Last activity: 4 years ago
- Onion sites: 2 known endpoints
About
References
15 links
External sources curated by the MISP threat-intel community.
- arcticwolf.com/resources/blog/karakurt-web
- chuongdong.com/reverse%20engineering/2021/12/17/DiavolRansomware/
- heimdalsecurity.com/blog/is-diavol-ransomware-connected-to-wizard-spider/
- medium.com/walmartglobaltech/diavol-resurfaces-91dd93c7d922
- medium.com/walmartglobaltech/diavol-the-enigma-of-ransomware-1fd78ffda648
- securityintelligence.com/posts/analysis-of-diavol-ransomware-link-trickbot-gang/
- thedfirreport.com/2021/12/13/diavol-ransomware/
- binarydefense.com/threat_watch/new-ransomware-diavol-being-dropped-by-trickbot/
- bleepingcomputer.com/news/security/diavol-ransomware-sample-shows-stronger-connection-to-trickbot-gang/
- bleepingcomputer.com/news/security/fbi-links-diavol-ransomware-to-the-trickbot-cybercrime-group/
- bleepingcomputer.com/news/security/trickbot-gang-developer-arrested-when-trying-to-leave-korea/
- fortinet.com/blog/threat-research/diavol-new-ransomware-used-by-wizard-spider
- ic3.gov/Media/News/2022/220120.pdf
- scythe.io/library/adversary-emulation-diavol-ransomware-threatthursday
- ransomlook.io/group/diavol
Onion infrastructure
2 known
- http://7ypnbv3snejqmgce4kbewwvym4cm5j6lkzf2hra2hyhtsvwjaxwipkyd.onion
- https://7ypnbv3snejqmgce4kbewwvym4cm5j6lkzf2hra2hyhtsvwjaxwipkyd.onion
Source
Updated 4 years ago
Data on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
