ClassicBrechasMapaActoresTTP MatrixAnaliticaAlertasCyberNewsArsenalExploitsKillChainOrigenSSLBLRansomLook
vanirgroup
1 incidentes
1 paises
0 sectores
ransomware UA Ultimo: 2026-05-25
Vanirgroup is a ransomware operation that emerged in mid-2024, composed of former affiliates from Karakurt, LockBit, and Knight ransomware groups. Operating under the alias Vanir Group, this Eastern European ransomware-as-a-service (RaaS) collective is primarily driven by financial gain, having explicitly stated they have no political interests. The group's distinguishing features include its formation from disgruntled affiliates of other prominent ransomware operations, its relatively short operational span before its data leak site was seized by German law enforcement in September 2024, and its unique retro-style data leak site featuring an interactive terminal.
Actores similares
Canales, DLS e infraestructura asociada
Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
| Tipo | Estado | Host / enlace | Title / ultimo titulo |
|---|---|---|---|
| DLS / onion | unknown | 6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion | vanirgroup |
| DLS / leak site | seized | ransomware.anggipradana.com | Ransomware Group: vanirgroup |
RansomLook pivots
Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.
Paises afectados
Paises objetivo (SOCRadar)
China
Germany
Netherlands
Singapore
United States
VietnamSectores objetivo (SOCRadar)
ManufacturingTransportation&WarehousingInformation ServicesFinanceRental & LeasingProfessional&Technical ServicesEnterprises & HoldingOtherTextile & Fabric ManufacturingPublishing Services