-
Ukrainian hacker admits affiliate role in Nefilim ransomware gang
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries.
- December 22, 2025
- 04:46 AM
0
-
US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations.
- September 09, 2025
- 12:08 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Ukrainian extradited to US for Nefilim ransomware attacks
A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies.
- May 01, 2025
- 03:44 PM
- 0
-
Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management.
- November 08, 2023
- 04:32 AM
- 0
-
New Karma ransomware group likely a Nemty rebrand
Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang.
- October 19, 2021
- 08:00 AM
- 0
-
Home appliance giant Whirlpool hit in Nefilim ransomware attack
Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices.
- December 28, 2020
- 12:12 PM
- 3
-
Business giant Dussmann Group's data leaked after ransomware attack
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.
- July 28, 2020
- 07:30 PM
- 2
-
The Week in Ransomware - July 17th 2020 - Freshly squeezed
With Twitter hackers, 10/10 vulnerabilities, and Cloudflare outages this week, thankfully ransomware has been pretty slow this week.
- July 17, 2020
- 06:56 PM
- 2
-
Orange confirms ransomware attack exposing business customers' data
Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers.
- July 16, 2020
- 01:27 PM
- 0
-
The Week in Ransomware - May 8th 2020 - Attacks Continue
Ransomware operators continue their worldwide attacks against healthcare organizations and businesses, while leaking the data of victims who do not pay a ransom.
- May 08, 2020
- 06:43 PM
- 0
-
Toll Group hit by ransomware a second time, deliveries affected
The Toll Group has suffered its second ransomware cyberattack in three months, with the latest one conducted by the operators of the Nefilim Ransomware.
- May 05, 2020
- 02:35 PM
- 0
-
Sodinokibi, Ryuk ransomware drive up average ransom to $111,000
The first quarter of the year recorded an increase of the average amount ransomware operators demand from their victims. Compared to the previous quarter, a 33% swell was noted, driven by the Sodinokibi and Ryuk ransomware operators.
- May 02, 2020
- 11:30 AM
- 0
-
The Week in Ransomware - April 17th 2020 - Changing Tactics
There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement.
- April 17, 2020
- 06:35 PM
- 0
-
Three More Ransomware Families Create Sites to Leak Stolen Data
Three more ransomware families have created sites that are being used to leak the stolen data of non-paying victims and further illustrates why all ransomware attacks must be considered data breaches.
- March 24, 2020
- 07:23 PM
- 0
-
New Nefilim Ransomware Threatens to Release Victims' Data
A new ransomware called Nefilim that shares much of the same code as Nemty has started to become active in the wild and threatens to release stolen data.
- March 17, 2020
- 12:28 PM
- 0
0
