Active ransomware operator
← All groupsLilith
0 victims indexed · last activity 4 years ago
0
Victims indexed
—
Active period
—
Countries hit
At a glance
- Status
- active
- First seen
- —
- Last activity
- 4 years ago
- Onion sites
- 1 known endpoint
About
Auto-discovered from ransomware tracking sources
References
10 linksExternal sources curated by the MISP threat-intel community.
- blog.cyble.com/2022/07/12/new-ransomware-groups-on-the-rise/
- blog.trendmicro.com/trendlabs-security-intelligence/operation-endtrade-finding-multi-stage-backdoors-that-tick/
- github.com/werkamsus/Lilith
- s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/591/original/062521_SideCopy_%281%29.pdf
- s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/591/original/062521_SideCopy_%281%29.pdf?1625657388
- s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/592/original/Hashes_IOCs_for_coverage.txt
- s3.amazonaws.com/talos-intelligence-site/production/document_files/files/000/095/594/original/Network_IOCs_list_for_coverage.txt?1625657479
- trendmicro.com/en_us/research/21/l/collecting-in-the-dark-tropic-trooper-targets-transportation-and-government-organizations.html
- yoroi.company/research/a-deep-dive-into-eternity-group-a-new-emerging-cyber-threat/
- ransomlook.io/group/lilith
Recent victims
Loading…
Onion infrastructure
1 known- http://yeuajcizwytgmrntijhxphs6wn5txp2prs6rpndafbsapek3zd4ubcid.onion
Source
Updated 4 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.