Active ransomware operator
← All groupsPrometheus
0 victims indexed · last activity 5 years ago
0
Victims indexed
—
Active period
—
Countries hit
At a glance
- Status
- active
- First seen
- —
- Last activity
- 5 years ago
- Onion sites
- 2 known endpoints
About
Auto-discovered from ransomware tracking sources
References
13 linksExternal sources curated by the MISP threat-intel community.
- therecord.media/decryptor-released-for-prometheus-ransomware-victims
- unit42.paloaltonetworks.com/prometheus-ransomwar
- id-ransomware.blogspot.com/2021/05/prometheus-ransomware.html
- medium.com/cycraft/prometheus-decryptor-6933e7bac1ea
- medium.com/cycraft/the-road-to-ransomware-resilience-c1ca37036efd
- medium.com/s2wlab/prometheus-x-spook-prometheus-ransomware-rebranded-spook-ransomware-6f93bd8ab5dd
- securityintelligence.com/posts/ransomware-encryption-goes-wrong/
- therecord.media/decryptor-released-for-prometheus-ransomware-victims/
- twitter.com/inversecos/status/1441252744258461699?s=20
- unit42.paloaltonetworks.com/prometheus-ransomware/
- cybereason.com/blog/cybereason-vs.-prometheus-ransomware
- sentinelone.com/labs/spook-ransomware-prometheus-derivative-names-those-that-pay-shames-those-that-dont/
- ransomlook.io/group/prometheus
Recent victims
Loading…
Onion infrastructure
2 known- http://promethw27cbrcot.onion
- http://promethw27cbrcot.onion/blog/
Source
Updated 5 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.