NetWalker ransomware group operates by the threat actor known as "CIRCUS SPIDER". The NetWalker ransomware was discovered in 2019. The group mainly targeting the Asia Pacific region but can attack globally. The group uses common attacking tools like Mimikatz and other legitimate tools (LOLBINS) like PSTools, AnyDesk, TeamViewer, NLBrute, and more. The group knowing by targeting the healthcare sector. Finally, in January 2021, Netwalker was takedown by the authorities, the police have confiscated hundreds of thousands of dollars in ransom payments collected by the Netwalker group, and they seized servers and disrupted the infrastructure and the darknet websites of the Netwalker ransomware group.
| Victim Name | Country | Date |
|---|---|---|
| Nygard International |  |
2020-12-12 |
| CSAT Solutions |  |
2020-12-01 |
| Enel Group | |
2020-10-19 |
| KYB Corporation |  |
2020-10-01 |
| Wilmington Surgical Associates | |
2020-10-01 |
| Equinix | |
2020-09-07 |
| K-Electric (electric utility supplier) |  |
2020-09-07 |
| Jands |  |
2020-09-01 |
| Cygilant (threat detection cybersecurity company) | |
2020-09-01 |
| Direccion Nacional de Migraciones (Argentina's official immigration agency) |  |
2020-08-27 |
| Entrust Energy | |
2020-08-05 |
| Center for Fertility and Gynecology (Los Angeles) | |
2020-08-01 |
| Olympia House (Petaluma) | |
2020-08-01 |
| Forsee Power | |
2020-08-01 |
| Canadian Tire | |
2020-08-01 |
| Alfanar | |
2020-07-09 |
| Trinity Metro (Fort Worth transit agency) | |
2020-07-01 |
| Lorien Health Services | |
2020-06-06 |
| Columbia College of Chicago | |
2020-06-03 |
| University of San Francisco (UCSF) | |
2020-06-01 |
| Michigan State University | |
2020-05-27 |
| Network of Village of Weiz |  |
2020-05-01 |
| Spectra Logic | |
2020-05-01 |
| Northwest Territories Power Corporation | |
2020-04-30 |
| Champaign-Urbana Public Health District | |
2020-03-10 |
| Toll Group | |
2020-01-31 |