Ransomware Group intelligence

Netwalker

Inactive

Track Netwalker with 26 published victims and 1 known leak locations in a single intelligence view.

Victims 26 Known published victims in this dataset

First discovered 2020-01-31 Earliest victim discovery date

Last discovered 2020-12-12 Latest victim discovery date

Inactive since 1961 days Days since the latest known victim

Top country United States 13 victims

Known locations 1 Leak or negotiation infrastructure tracked

Netwalker is tracked by Breach House as a ransomware group with 26 published victims.

United States is currently the most targeted country in this dataset.

1 known leak locations are currently associated with this group.

Top Countries

Distribution

Label	Type	Availability	Links
Leak location 1	Onion service	Unknown	`rnfdsgm6wb6j6su5txkekw4u4y47kp2eatvu7d6xhyn5cs4lt4pdrqqd.onion`

No sector intelligence available.

Ransom Notes (0)

▼

No ransom notes available for this group.

Tools Used

▼

No tools used available.

YARA Rules (0)

▼

No YARA rules available.

Indicators of Compromise (0)

▼

No IoCs available for this group.

Negotiation Chats (0)

▼

No negotiation chats available.

No external research sources linked yet.

Victims (26)

Search, filter and paginate the victim timeline for Netwalker.

Type	Target	Discovered	Country	Business Category	Intel Link
Ransomware	Nygard International id544 View details	2020-12-12	Canada	Services	—
No additional victim description available. ID 544
Ransomware	CSAT Solutions id535 View details	2020-12-01		Services	—
No additional victim description available. ID 535
Ransomware	Enel Group id502 View details	2020-10-19		Services	—
No additional victim description available. ID 502
Ransomware	KYB Corporation id488 View details	2020-10-01	United States	Services	—
No additional victim description available. ID 488
Ransomware	Wilmington Surgical Associates id490 View details	2020-10-01	United States	Other	—
No additional victim description available. ID 490
Ransomware	Equinix id477 View details	2020-09-07	United States	Other	—
No additional victim description available. ID 477
Ransomware	K-Electric (electric utility supplier) id478 View details	2020-09-07	Pakistan	Energy	—
No additional victim description available. ID 478
Ransomware	Jands id468 View details	2020-09-01	Australia	Other	—
No additional victim description available. ID 468
Ransomware	Cygilant (threat detection cybersecurity company) id469 View details	2020-09-01		IT	—
No additional victim description available. ID 469
Ransomware	Direccion Nacional de Migraciones (Argentina's official immigration agency) id465 View details	2020-08-27	Argentina	Communication / Marketing	—
No additional victim description available. ID 465
Ransomware	Entrust Energy id461 View details	2020-08-05	United States	Energy	—
No additional victim description available. ID 461
Ransomware	Center for Fertility and Gynecology (Los Angeles) id449 View details	2020-08-01	United States	Other	—
No additional victim description available. ID 449
Ransomware	Olympia House (Petaluma) id450 View details	2020-08-01	United States	Other	—
No additional victim description available. ID 450
Ransomware	Forsee Power id457 View details	2020-08-01		Energy	—
No additional victim description available. ID 457
Ransomware	Canadian Tire id459 View details	2020-08-01	Canada	Other	—
No additional victim description available. ID 459
Ransomware	Alfanar id441 View details	2020-07-09		Other	—
No additional victim description available. ID 441
Ransomware	Trinity Metro (Fort Worth transit agency) id432 View details	2020-07-01	United States	Communication / Marketing	—
No additional victim description available. ID 432
Ransomware	Lorien Health Services id401 View details	2020-06-06	United States	Healthcare / Pharma	—
No additional victim description available. ID 401
Ransomware	Columbia College of Chicago id399 View details	2020-06-03	United States	Education	—
No additional victim description available. ID 399
Ransomware	University of San Francisco (UCSF) id393 View details	2020-06-01	United States	Education	—
No additional victim description available. ID 393
Ransomware	Michigan State University id379 View details	2020-05-27	United States	Education	—
No additional victim description available. ID 379
Ransomware	Network of Village of Weiz id361 View details	2020-05-01	Austria	Telecommunications	—
No additional victim description available. ID 361
Ransomware	Spectra Logic id362 View details	2020-05-01	United States	Other	—
No additional victim description available. ID 362
Ransomware	Northwest Territories Power Corporation id358 View details	2020-04-30	Canada	Energy	—
No additional victim description available. ID 358
Ransomware	Champaign-Urbana Public Health District id339 View details	2020-03-10	United States	Healthcare / Pharma	—
No additional victim description available. ID 339
Ransomware	Toll Group id323 View details	2020-01-31	Australia	Services	—
No additional victim description available. ID 323

Netwalker

Overview

Top Countries

Known Leak Locations (1)

Top Activity Sectors