Inactive ransomware operator
← All groupslockergoga
4 victims indexed · first seen 7 years ago · last activity 7 years ago
At a glance
- Status
- inactive
- First seen
- 7 years ago
- Last activity
- 7 years ago
- Primary sector
- Critical Manufacturing · 3 hits
About
References
3 linksExternal sources curated by the MISP threat-intel community.
Timeline
2 monthsTop countries
Top sectors
MITRE ATT&CK
4 techniques · 4 tacticsTactics
Detection · YARA rules
1 ruleLockerGogaRansomware
YARA rule from ATR/Trellix: ransomware/RANSOM_LockerGoga.yar
source: ATR/Trellix
Recent victims
Loading…
Source
Updated 7 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
Get alerted the next time lockergoga posts a victim.
Add lockergoga to your watchlist — Pro pings you within 5 minutes of any new lockergoga leak-site post, Telegram callout, or affiliate-rebrand inference.

