Uptime Hamster: 15d 3h 10mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza DataKeeper

DataKeeper

0 incidentes 0 paises 0 sectores ransomware Ultimo: -
Ver en IntelTracker → APTTrail →
DataKeeper emerged in February 2018 as a Ransomware-as-a-Service (RaaS) offering, distinguishing itself by providing a free sign-up and immediate access to generate weaponized binaries for affiliates on the Dark Web. Its primary motivation is financial gain through extortion. The group stands apart from other RaaS operations by deploying a ransomware variant that uses a four-layered obfuscation technique, employs dual AES and RSA-4096 encryption without adding file extensions to compromised files, and utilizes PsExec for lateral movement within targeted networks, which was an unusual characteristic for .NET-based ransomware at the time. The RaaS platform also uniquely allowed affiliates to configure specific file types for encryption and set custom ransom amounts, fostering uncertainty for victims regarding the extent of their data loss.

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / onionupdc4nwiijwiffwztwzj5fngmcoppedrxg4jqj2tq67ontbini6qmlguid.oniondatakeeper
DLS / leak siteunknownransomware.anggipradana.comRansomware Group: datakeeper
Tipo
ransomware
Pais origen
-
Motivacion
-
Impacto
17
Actualizado
Sat, 20 Ju

Paises objetivo (SOCRadar)

AustraliaUnited KingdomUnited States

Sectores objetivo (SOCRadar)

Energy & Utilities ConstructionManufacturingInformation ServicesFinanceProfessional&Technical ServicesEnterprises & HoldingHealthCare & Social AssistanceOtherSoftware Publishers