DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Netwalker

Netwalker

Inactive

netwalker

First seen: 2020-01-31 00:00:00.000000Total victims: 26

NetWalker ransomware group operates by the threat actor known as "CIRCUS SPIDER". The NetWalker ransomware was discovered in 2019. The group mainly targeting the Asia Pacific region but can attack globally. The group uses common attacking tools like Mimikatz and other legitimate tools (LOLBINS) like PSTools, AnyDesk, TeamViewer, NLBrute, and more. The group knowing by targeting the healthcare sector. Finally, in January 2021, Netwalker was takedown by the authorities, the police have confiscated hundreds of thousands of dollars in ransom payments collected by the Netwalker group, and they seized servers and disrupted the infrastructure and the darknet websites of the Netwalker ransomware group.

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

Recent Victimsshowing 26 of 26

NameCountrySectorDate
Nygard InternationalCACommercial Facilities2020-12-12 00:00:00.000000
CSAT Solutions—Information Technology2020-12-01 00:00:00.000000
Enel Group—Energy2020-10-19 00:00:00.000000
KYB CorporationUSCritical Manufacturing2020-10-01 00:00:00.000000
Wilmington Surgical AssociatesUSHealthcare and Public Health2020-10-01 00:00:00.000000
EquinixUSInformation Technology2020-09-07 00:00:00.000000
K-Electric (electric utility supplier)PKEnergy2020-09-07 00:00:00.000000
JandsAUCritical Manufacturing2020-09-01 00:00:00.000000
Cygilant (threat detection cybersecurity company)—Information Technology2020-09-01 00:00:00.000000
Direccion Nacional de Migraciones (Argentina's official immigration agency)ARGovernment Facilities2020-08-27 00:00:00.000000
Entrust EnergyUSEnergy2020-08-05 00:00:00.000000
Center for Fertility and Gynecology (Los Angeles)USHealthcare and Public Health2020-08-01 00:00:00.000000
Olympia House (Petaluma)USHealthcare and Public Health2020-08-01 00:00:00.000000
Forsee Power—Critical Manufacturing2020-08-01 00:00:00.000000
Canadian TireCACommercial Facilities2020-08-01 00:00:00.000000
Alfanar—Critical Manufacturing2020-07-09 00:00:00.000000
Trinity Metro (Fort Worth transit agency)USTransportation Systems2020-07-01 00:00:00.000000
Lorien Health ServicesUSHealthcare and Public Health2020-06-06 00:00:00.000000
Columbia College of ChicagoUSEducation Facilities2020-06-03 00:00:00.000000
University of San Francisco (UCSF)USEducation Facilities2020-06-01 00:00:00.000000
Michigan State UniversityUSEducation Facilities2020-05-27 00:00:00.000000
Network of Village of WeizATGovernment Facilities2020-05-01 00:00:00.000000
Spectra LogicUSInformation Technology2020-05-01 00:00:00.000000
Northwest Territories Power CorporationCAEnergy2020-04-30 00:00:00.000000
Champaign-Urbana Public Health DistrictUSHealthcare and Public Health2020-03-10 00:00:00.000000
Toll GroupAUTransportation Systems2020-01-31 00:00:00.000000

Data from ransomware.live