CastorBreach Active
Ransomware group first observed in 2025. Uses SharpHound for deployment.0
Total Victims
2025-10-01
First Seen
2026-02-20
Last Seen
0
Known TTPs
8.5d
Avg Delay
0
Negotiations
ONION URLS
d4wwo5jyjtnq4i6ugw2qxieg6z6iob6lji2xgdn6bbyqprde2cvjcx3i.onion
TOOLS
SharpHound
nltest
Mimikatz
FILE EXTENSIONS
.locked
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
| Date | Victim Name | Country | Sector | Status |
|---|---|---|---|---|
| No victims recorded | ||||
No TTPs data
No YARA rules
No IoCs
No ransom notes