Ransomware Group intelligence
Medusalocker
InactiveTrack Medusalocker with 52 published victims and 4 known leak locations in a single intelligence view.
Overview
Medusalocker is tracked by Breach House as a ransomware group with 52 published victims.
United States is currently the most targeted country in this dataset.
4 known leak locations are currently associated with this group.
Top Countries
Interactive distribution based on the currently visible victims list.
Known Leak Locations (4)
| Label | Type | Availability | Links |
|---|---|---|---|
| Leak location 1 | Onion service | Unknown | qd7pcafncosqfqu3ha6fcx4h6sr7tzwagzpcdcnytiw3b6varaeqv5yd.onion |
| Leak location 2 | Onion service | Unknown | z6wkgghtoawog5noty5nxulmmt2zs7c3yvwr22v4czbffdoly2kl4uad.onion |
| Leak location 3 | Web location | Unknown | 95.143.191.148:3000 |
| Leak location 4 | Onion service | Unknown | medusaxko7jxtrojdkxo66j7ck4q5tgktf7uqsqyfry4ebnxlcbkccyd.onion |
Top Activity Sectors
No sector intelligence available.
Ransom Notes (0)
▼No ransom notes available for this group.
Tools Used
▼No tools used available.
YARA Rules (0)
▼No YARA rules available.
Indicators of Compromise (0)
▼No IoCs available for this group.
Negotiation Chats (0)
▼No negotiation chats available.
Research Sources
No external research sources linked yet.
Victims (52)
Search, filter and paginate the victim timeline for Medusalocker.
| Type | Target | Discovered | Country | Business Category | Intel Link |
|---|---|---|---|---|---|
| Ransomware | dulay.ca id23957 View details | Canada | Communication / Marketing | ||
|
Price-$40000 (sale in one hand there are options for making a profit from these files will be included in the deal) 500Gb |
|||||
| Ransomware | usenergy id22359 View details | United States | Energy | ||
|
Price-$120000 (sale in one hand there are options for making a profit from these files will be included in the deal) |
|||||
| Ransomware | Looking for pentesters id21590 View details | Other | |||
|
looking for pentesters: IF YOU DON’T HAVE ACCESS, PLEASE DON’T WASTE YOUR TIME. contact me at qtox: E9CD65687463F67F64937E961DD723DC82C79CB548375AAE8AA4A0698D356C5E7E157B22E8CD |
|||||
| Ransomware | UnigazJordan id20337 View details | Jordan | Other | ||
|
www.unigaz.net $690.6 Million The list of files is available at the link https://dropmefiles.com/9HGAJ |
|||||
| Ransomware | Mulia Raya id20305 View details | Indonesia | Other | ||
|
www.muliaraya.co.id $34.8 Million The list of files is available at the link https://dropmefiles.com/lAZQo |
|||||
| Ransomware | Curtain Bluff id18702 View details | Antigua and Barbuda | Finance / Legal / Insurance | ||
|
www.curtainbluff.com Curtain Bluff files Vacationer information (personal data), audit information (including past years), bank activity (statements with all transactions), internal organization documentation (even the menu) and other documents.There are also large amounts of account data (about 500 unique login/password pairs). Price – $120,000 |
|||||
| Ransomware | Inversiones Clinica Del Meta SA id18092 View details | Colombia | Healthcare / Pharma | ||
|
www.clinicameta.co Description employee information – patient information – agreements – password data – appointment information Sold with 1-day access Price-$100000 (sale in one hand there are options for making a profit from these files will be included in the deal) |
|||||
| Ransomware | MICRO MANUFACTRING id17454 View details | Communication / Marketing | |||
|
Micro Manufacturing Inc. Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files. password data\\ Sold with 1-day access Price-$120000 (sale in one hand there are options for making a profit from these files will be included in the deal |
|||||
| Ransomware | bendixengineering id16545 View details | United States | Manufacturing / Engineering | ||
|
Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files Data-2016-2024 years Price-$50000 (sale in one hand there are options for making a profit from these files will be included in the deal |
|||||
| Ransomware | SILKNET COMPANY id15662 View details | United States | Finance / Legal / Insurance | ||
|
URL:https://silknet.com https://geocell.ge/ On sale:Company email base(about 1tb)Customer dataCompany audit for 2023\24and more than 3tb of data. Price-$800000 There are a lot of corporate data, passports and other information. |
|||||
| Ransomware | Protected: HIDE NAME id12401 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | SHAMASS.ORG id12239 View details | United States | Communication / Marketing | ||
|
Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files Price-$50000 (sale in one hand there are options for making a profit from these files will be included in the deal) |
|||||
| Ransomware | Protected: HIDE NAME SELL DATA SOON id12147 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | Protected: Name is hidden id9793 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | skalar.com id9786 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | Ada-Borup-West School id9182 View details | Education | |||
|
Descriptionemployee information – student information – all contracts Price: 35000$ |
|||||
| Ransomware | wellons.org id9181 View details | Communication / Marketing | |||
|
Descriptionemployee information – agreement – customer email(.xls)- pst files 15+GB all outlook message 2006-2023 year Price: 55000$ |
|||||
| Ransomware | Confidential files id8933 View details | Finance / Legal / Insurance | |||
|
A large number of documents of large companies are available for sale Revenue-$10-$70kk Financial documents, client cases, passports, tax evasion and many other documents are in closed sale, please contact qtox to coordinate the sale |
|||||
| Ransomware | INSULCANA CONTRACTING LTD id8032 View details | Communication / Marketing | |||
|
Descriptionemployee information – agreement – customer email(.xls)- passport all canada and other documents Price: 35000$ |
|||||
| Ransomware | Protected: INSULCANA CONTRACTING LTD id7950 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | Protected: Hidden name id7335 View details | Communication / Marketing | |||
|
There is no excerpt because this is a protected post. |
|||||
| Ransomware | Hoosier Equipment company id7114 View details | Communication / Marketing | |||
|
DescriptionClient Case – agreement – email(.msg)- and other documents Price: 60000$ |
|||||
| Ransomware | Ucamco Belgium id7100 View details | Finance / Legal / Insurance | |||
|
DescriptionClient Case – customers email-Audit information-There is also access to email for newsletters on behalf of the company PRICE-$80000 |
|||||
| Ransomware | reutlingen.ihk.de id7011 View details | Germany | Communication / Marketing | ||
|
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents PRICE-$80000 |
|||||
| Ransomware | Hausamman company id7010 View details | Communication / Marketing | |||
|
DescriptionClient Case – customers email-documents PRICE-$20000 |
|||||
| Ransomware | kafflogistic.hu id7009 View details | Hungary | Communication / Marketing | ||
|
DescriptionClient Case – agreement – email(outlook files)- contracts – and other documents PRICE-$50000 |
|||||
| Ransomware | SELL DATA(qtox) id7008 View details | Communication / Marketing | |||
|
Available for sale: to buy please contact qtox price negotiable qtox-E9CD65687463F67F64937E961DD723DC82C79CB548375AAE8AA4A0698D356C5E7E157B22E8CD |
|||||
| Ransomware | Jalux Americas, Inc. id6855 View details | Communication / Marketing | |||
|
DescriptionClient Case – agreement – email(.msg) – and other documents Price: 160000$The company failed to take care of the data leak and therefore ,many contracts and other documents have been leaked to the Internet.We are also going to provide any documents related to the aforementioned company if any law enforcement agency should request it |
|||||
| Ransomware | arborsct.com id6854 View details | Finance / Legal / Insurance | |||
|
DescriptionClient Case – agreement – email(.msg)- and other documents Price: 60000$ One copy will be sold, confidential informationThe company did not take care of the data leak, and therefore we will sell many contracts, customer data, financial component and other documentsin one lot for $ 60,000 for verification in the darknet or bank |
|||||
| Ransomware | Salmon Software id6720 View details | IT | |||
|
DescriptionClient Case – agreement – email(.msg)- passport- and other documents Price: 120000$ Three copies will be sold, confidential informationThe company failed to take care of the data leak and therefore ,many contracts and other documents have been leaked to the Internet.Other: contracts, agreements and other bank checks, we will sell everything in one lot for… Continue reading Salmon Software |
|||||
| Ransomware | LETAPE JEUNES id6719 View details | Communication / Marketing | |||
|
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents(passports) PRICE-$40000 |
|||||
| Ransomware | bsw-architects.com id6080 View details | Communication / Marketing | |||
|
DescriptionClient Case – agreement – email(.msg)- contracts – and other documents PRICE-$80000 There are many projects, agreements and contracts that can be sold separately |
|||||
| Ransomware | DGLEGAL id4602 View details | Finance / Legal / Insurance | — | ||
|
No additional victim description available. |
|||||
| Ransomware | emscrm id4601 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | MIDAS Company id4600 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | AURIS KONINKLIJKE AURIS GROEP id4599 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | fidelityunited.ae id4598 View details | United Arab Emirates | Other | — | |
|
No additional victim description available. |
|||||
| Ransomware | goldcreekfoods id4597 View details | Agriculture / Food | — | ||
|
No additional victim description available. |
|||||
| Ransomware | exheat.com id4596 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | hwrpc.com id4595 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | tristatefabricators_inc id4593 View details | Public Sector | — | ||
|
No additional victim description available. |
|||||
| Ransomware | atlantisholidays id4592 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | archimages inc id4591 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | ALTlTUDE AEROSPACE INC id4590 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Fonderia Boccacci id4589 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Zelena Laguna Hotel id4588 View details | Hospitality / Food & Beverage / Tourism | — | ||
|
No additional victim description available. |
|||||
| Ransomware | LEGAZPIBANK id4587 View details | Finance / Legal / Insurance | — | ||
|
No additional victim description available. |
|||||
| Ransomware | MCCLEAN16 company id4586 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | lawtrade company id4585 View details | Finance / Legal / Insurance | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Autosoft company id4584 View details | Services | — | ||
|
No additional victim description available. |
|||||
| Ransomware | BIOPLAN id4583 View details | Other | — | ||
|
No additional victim description available. |
|||||
| Ransomware | Dyatech company id4582 View details | IT | — | ||
|
No additional victim description available. |
|||||