
Ransomware Group : nefilim



According to Vitali Kremez and Michael Gillespie, this ransomware shares much of its code with Nemty 2.5. One difference is the removal of the RaaS component, which was switched to email communications for payments. It uses AES-128, which is then protected with RSA-2048.


Ransomware.live has 15 victims in its database for this group.

| Victim Name | Country | Date |
|---|---|---|
| Atlanta Allergy & Asthma. Part 1. | | 2021-09-09 |
| Grimmway Farms. Part 1. | | 2021-09-09 |
| Elliott Group / Cascade Engineering / Unitex Textile Rental Services. Teaser. | | 2021-09-09 |
| Seven Seas. Part 1. | | 2021-09-09 |
| The MADSACK Media Group. Part 1. | | 2021-09-09 |
| Tegut. Part 1. | | 2021-09-09 |
| TPG Internet. Part 1. | | 2021-09-09 |
| Saipa Press. Part 1. | | 2021-09-09 |
| Tegut. Part 2. | | 2021-09-09 |
| The MADSACK Media Group. Part 2. | | 2021-09-09 |
| Whirlpool | | 2020-12-01 |
| DKA (refrigeration and air conditioning specialist, Dussmann Group subsidiary) | | 2020-07-27 |
| Orange (mobile operator) | | 2020-07-04 |
| Fisher and Paykel Appliances | | 2020-06-01 |
| Toll Group | | 2020-05-05 |