nefilim
According to Vitali Kremez and Michael Gillespie, this ransomware shares much code with Nemty 2.5. A difference is removal of the RaaS component, which was switched to email communications for payments. Uses AES-128, which is then protected RSA2048.
| Name | Country | Sector | Date |
|---|---|---|---|
| Atlanta Allergy & Asthma. Part 1. | — | Healthcare | 2021-09-09T23:46:57.082905+00:00 |
| Grimmway Farms. Part 1. | — | Agriculture and Food Production | 2021-09-09T23:46:57.076032+00:00 |
| Elliott Group / Cascade Engineering / Unitex Textile Rental Services. Teaser. | — | Manufacturing | 2021-09-09T23:46:57.069128+00:00 |
| Seven Seas. Part 1. | — | Consumer Services | 2021-09-09T23:46:57.061015+00:00 |
| The MADSACK Media Group. Part 1. | — | Business Services | 2021-09-09T23:46:57.052582+00:00 |
| Tegut. Part 1. | — | Consumer Services | 2021-09-09T23:46:57.044774+00:00 |
| TPG Internet. Part 1. | — | Telecommunication | 2021-09-09T23:46:57.037373+00:00 |
| Saipa Press. Part 1. | — | Manufacturing | 2021-09-09T23:46:57.030055+00:00 |
| Tegut. Part 2. | — | Consumer Services | 2021-09-09T23:46:57.021275+00:00 |
| The MADSACK Media Group. Part 2. | — | Business Services | 2021-09-09T23:46:57.013376+00:00 |
| Whirlpool | — | Manufacturing | 2020-12-01T00:00:00+00:00 |
| DKA (refrigeration and air conditioning specialist, Dussmann Group subsidiary) | DE | Manufacturing | 2020-07-27T00:00:00+00:00 |
| Orange (mobile operator) | FR | Telecommunication | 2020-07-04T00:00:00+00:00 |
| Fisher and Paykel Appliances | NZ | Manufacturing | 2020-06-01T00:00:00+00:00 |
| Toll Group | AU | Transportation/Logistics | 2020-05-05T00:00:00+00:00 |
Data from ransomware.live