Uptime Hamster: 14d 23h 39mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza redalert

redalert

2 incidentes 1 paises 0 sectores ransomware Ultimo: 2026-06-29
Aliases: N13V, RedAlert Doxware
Ver en IntelTracker → APTTrail →
RedAlert is a ransomware group that emerged in February 2022, also known as N13V, and is strongly associated with the Nokoyawa ransomware family. The group primarily targets businesses and critical infrastructure, employing double extortion tactics to encrypt sensitive data and pressure victims into paying ransoms by threatening to leak exfiltrated information. A distinguishing characteristic of RedAlert is its use of the uncommon NTRUEncrypt cryptographic algorithm for encryption, also seen in FiveHands ransomware. The group has shown an adaptive nature, with the Nokoyawa variant initially written in C and later rewritten in Rust by September 2022 to enhance performance and evasion capabilities. Its primary motivation is financial gain through these ransomware operations.

Aliases del actor

N13VRedAlert Doxware

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / onionunknownblog2hkbm6gogpv2b3uytzi3bj5d5zmc4asbybumjkhuqhas355janyd.onionredalert
DLS / onionunknownje2yizds7r4uidk6uixfxwjj5w7or2agit4aj66l4lrhdbrvr3lsymid.onionredalert
DLS / leak siteunknownransomware.anggipradana.comRansomware Group: redalert
Tecnicas MITRE
T1059.001, T1078, T1486, T1569.002
Victimas
0
TTPs unicas
0
Info robada historica
N/D
Rescates reclamados
N/D
Pagos detectados
N/D

Paises afectados

United States (1)

Paises objetivo (SOCRadar)

United Arab EmiratesArgentinaAustriaBolivia, Plurinational State ofBrazilChileChinaSpainFinlandFrance

Sectores objetivo (SOCRadar)

Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersHospitalsEnterprises & HoldingManufacturingConstructionPublic AdministrationEducational Services

URLs nuevas detectadas en IntelTracker

ransomware.anggipradana.com