Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Hellogookie

HelloGookie is a rebrand of the HelloKitty ransomware group announced in April 2024, releasing previously stolen data from CD Projekt Red and Cisco; HelloKitty/HelloGookie has been active since 2020 with its highest-profile attack being the 2021 breach of CD Projekt Red.

Victims
3
 
First Discovered
2024-04-19
victim
Last Discovered
2024-04-19
victim
Inactive Since
2yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
100.0%
victims with domain
Countries
2
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon HelloGookie No 2026-04-28T07:24:05 gookie256cvccntvenyxrvn7ht73bs6ss3oj2ocfkjt5y6vq6gfi2tad.onion
Target
Top 5 Activity Sectors
  • Technology 3
Top 5 Countries
  • US flag United States 1
  • PL flag Poland 1
Heatmap
YARA Rules (1)
Victims (3)
Logo
Hey everyone! Some private keys here.
Hellogookie
Discovered: 2024-04-19 (2y ago)
LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBNENoODBXOTFVc09raE9jSDNxVjJ6eTZlUGxh…
Logo
Hey cisco! US
Hellogookie
Discovered: 2024-04-19 (2y ago)
You lied to us and play for time to kick us out. We will meet you soon, again. Next time you'll have…
Logo
CD Projekt! PL
Hellogookie
Discovered: 2024-04-19 (2y ago)
How you doin? I just remembered some passwords... do you have it? ah, whatever... just leave it here…