DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Nefilim

Nefilim

Inactive

nefilim

First seen: 2020-05-05 00:00:00.000000Total victims: 15

According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, which was switched to email communications for payments. Uses AES-128, which is then protected RSA2048.

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

Recent Victimsshowing 15 of 15

NameCountrySectorDate
Atlanta Allergy & Asthma. Part 1.——2021-09-09 23:46:57.082905
Grimmway Farms. Part 1.——2021-09-09 23:46:57.076032
Elliott Group / Cascade Engineering / Unitex Textile Rental Services. Teaser.——2021-09-09 23:46:57.069128
Seven Seas. Part 1.——2021-09-09 23:46:57.061015
The MADSACK Media Group. Part 1.——2021-09-09 23:46:57.052582
Tegut. Part 1.——2021-09-09 23:46:57.044774
TPG Internet. Part 1.——2021-09-09 23:46:57.037373
Saipa Press. Part 1.——2021-09-09 23:46:57.030055
Tegut. Part 2.——2021-09-09 23:46:57.021275
The MADSACK Media Group. Part 2.——2021-09-09 23:46:57.013376
Whirlpool—Critical Manufacturing2020-12-01 00:00:00.000000
DKA (refrigeration and air conditioning specialist, Dussmann Group subsidiary)DECritical Manufacturing2020-07-27 00:00:00.000000
Orange (mobile operator)FRCommunication2020-07-04 00:00:00.000000
Fisher and Paykel AppliancesNZCritical Manufacturing2020-06-01 00:00:00.000000
Toll GroupAUTransportation Systems2020-05-05 00:00:00.000000

Data from ransomware.live