RansomLook logo RansomLook

Brain Cipher

Compare
brain cipher logo brain cipher logo
Parsing: enabled

View crypto

Description

Brain Cipher ransomware surfaced in mid-2024, rapidly gaining notoriety after a high-impact attack on Indonesia’s National Data Center, which disrupted over 160 government services including immigration systems. The group operates with a double-extortion model, encrypting data using a LockBit 3.0-based payload (Salsa20/RSA hybrid) and threatening leaks via a Tor-hosted portal. Distinct behaviors include encrypting both file contents and filenames, and customizing encrypted file names with appended random extensions. Initial access methods include phishing and purchases from initial-access brokers. Ransom demands have ranged from tens of thousands up to $8 million USD, though victims have sometimes been offered decryption keys without payment. Victims span sectors such as government, healthcare, education, media, and manufacturing across Southeast Asia, Europe, and the Americas.

External Analysis6
External Analysis
https://www.sentinelone.com/anthology/brain-cipher/
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/brain-cipher
https://www.vectra.ai/modern-attack/threat-actors/brain-cipher
https://www.group-ib.com/masked-actors/brain-cipher/
https://wazuh.com/blog/detecting-brain-cipher-ransomware-with-wazuh/
https://www.reuters.com/technology/cybersecurity/indonesia-says-it-has-begun-recovering-data-after-major-ransomware-attack-2024-07-12/
Mail3
Mail
brain.support@cyberfear.com
brain.dataleak@cyberfear.com
brain.decrypt@cyberfear.com
Urls2
Url
Status
Screen
Uptime 30d
Health
http://mybmtbgd7aprdnw2ekxht5qap5daam2wch25coqerrq2zdioanob34ad.onion/ Down Screen
0%
http://vkvsgl7lhipjirmz6j5ubp3w3bwvxgcdbpi3fsbqngfynetqtw4w5hyd.onion/ Down Screen
20%
File servers22
Url
Status
Screen
Uptime 30d
Health
http://cuuhrxbg52c5agytmtjpwfu7mrs4xtaitc4mukkiy2kqdxeqbcmuhaid.onion/ Down
0%
http://4ldgw2wuidqu5ef3rzx4byonf3y7rdnh43jiw2z4sbtjiwic6gkov7yd.onion/c/lgc2Yxua65agt4XMOMkQKJjsdrV2IzYk Down Screen
0%
http://4ldgw2wuidqu5ef3rzx4byonf3y7rdnh43jiw2z4sbtjiwic6gkov7yd.onion/ Down Screen
3%
http://zktnif5vckhmz5tyrukp5bamatbfhkxjnb23rspsanyzywcrx3bvtqad.onion/ Down Screen
23%
http://yt7beb7fj6xbh4dndrlyvl3gn4ck36qn2oqheiqjs4bp3wspj3wgpcad.onion/ Up Screen
17%
http://i6b4r6blgmm3r62zj42qxn6bvcbcrslcg6b6uwqws6xhnxz2howbhkid.onion/ Down Screen
20%
http://pzghjpkm2liszmvjsttflp475zqxgrywjhr7xagc4bqfb2a7aw3qysyd.onion/ Up Screen
23%
http://5v6tgs5xyuvl7kpg5b26e54kddlxdvktep2qmglawrohksv3qjwvw7qd.onion/ Up Screen
20%
http://lhdv4ydjx5idzvntdrmcbwsh3dhdi3ww5hoz3ws2d5q5jlfewdacx4qd.onion/ Up Screen
20%
http://oe7kcuvnulmdzir6zkewv5p353kc7qjf5tyqxfxabhzsm26pji44elqd.onion/ Up Screen
30%
http://zv27q4tjvqxelm2imgztfg7gtl3v56oqabe77hiufqoqilis2dgcdsad.onion/ Up Screen
30%
http://ubetdhmgnry4jk7ya7gh7p4hm4c3c57srkw62oc6hjmvvvkrqeybjjid.onion/ Up Screen
30%
http://ixvarmokkir6t6fzpn7prussp3ulys66aeivrhcvrmfowqi2gi2fgryd.onion/ Down Screen
23%
http://tahr6kwobsi7fj5j3hoyzxr34ipyiyuv2svhteht5td4etq23bcx7tyd.onion/ Down Screen
20%
http://ncyg34lipi3w2u7yvxl3swr6wj6lsoeix3grrdsn6nmcv4r7vntanoid.onion/ Down Screen
17%
http://bgpeqy3d5svuikeaueitix6zosg3pzekw77viulnucsiqsn4sjr65iyd.onion/ Down Screen
27%
http://as7fbsjvifse52ek5qnptfgvkduvvnl56adb3jjgk6k3p7bisipvotyd.onion/ Down Screen
30%
http://xangddavm54rgsju7iceahxztbqrcflzunffwbaswwhhftieygc4j3ad.onion/ Up Screen
33%
http://q226mkoikzgyu33jin7ox3qo6tea7yhlgz52p5lslpj73edtocsz4wqd.onion/ Up Screen
27%
http://hdgfvxxkepllbvqvk7vrudgwq55tg4joo4xpajaa3nv5gzpake66bnid.onion/ Down Screen
17%
http://jgkgqztfmwk53wlttsjo6i3nmwtzoch2oi2bocqzb4zmp6kfspuiaead.onion/ Up Screen
10%
http://zke5xim35cfolmq2h5i5sfmcoxr4pbpkfjwtq5lf6o4zo7avfcvnb5qd.onion/ Down Screen
27%
Chat servers3
Url
Status
Screen
Uptime 30d
Health
http://p6wmotxzvg34tdmpwm4beqgrcyp5iys43snkccsahnw74la3k3xx6pad.onion Down Screen
0%
http://brain4zoadgr6clxecixffvxjsw43cflyprnpfeak72nfh664kqqriyd.onion/ Down Screen
0%
http://braincgksuixxkpkme7zlpkh7u47oryxx574d74ws4eal4t2mxyahbqd.onion Down Screen
7%
Activity (interactive) 48
Activity charts
Posts48
Date Title Description Screen
fsbgroup.ca Screen
semag.fr Screen
axxia.fr Screen
oxfordcounty.ca Screen
cdom.org Screen
bmsi.org Screen
bw-lv.de Screen
VIRTUALWEB.US Screen
jorgefernandez.es Screen
ddecor.com Screen
ruizre.es Screen
soundtransit.org Screen
valedolobo.com Screen
edisoft.es Screen
iycsa.com.co Screen
mbmdubai.com Screen
neatem.fr | Update! Screen
Pulmonary Physicians of South Florida Clinics | Data security breach! Screen
neatem.fr Screen
Cirion Technologies Screen
It seems that it was easier to pay and calmly fix everything. Screen
Modern Dental Group Limited Screen
Estar Seguros, S.A. Screen
Cristal y Lavisa S.A. de C.V. Screen
Deloitte UK Screen
Royce Corporation Screen
G-ONE AUTO PARTS DE MÉXICO, S.A. DE C.V. Screen
COOPERATIVA TELEFONICA DE CALAFATE LTD. Screen
G-One Auto Parts de México S.A. de C.V. Screen
Berridge Manufacturing Co. Screen
K&S Tool & Mfg Co. Screen
Basilio Advogados Screen
CHRISTODOULOS G. VASSILIADES & CO. LLC Screen
hanwa.co.th Screen
rmn.fr Screen
ghanare.com Screen
beinlaw.co.il - Prof. Bein & Co. Screen
tiendasmacuto.com Screen
fabamaq.com Screen
cyceron.fr Screen
Sherbrooke Metals Screen
Apex Global | Big leak outlooks - 2tb. Screen
Cole Technologies Group Screen
Family Wealth Advisors Ltd. Screen
Mars 2 LLC Screen
Kominfo - 2 Very expensive advertising. Screen
Your advertisement Space for your advertising. Screen
Kominfo More important than money, only honor. Screen
Note