ParadoxGroup Active
Ransomware group first observed in 2024. Uses ScreenConnect for deployment.0
Total Victims
2024-09-01
First Seen
2026-02-15
Last Seen
0
Known TTPs
42.5d
Avg Delay
0
Negotiations
ONION URLS
clyd6r6degivwkiioshokse7fmdk2mqy2aabaab7bi3wqdqwwpwd3wd4.onion
TOOLS
ScreenConnect
TeamViewer
Rclone
TrickBot
FILE EXTENSIONS
.locked
ACTIVITY TIMELINE
TOP SECTORS
TOP COUNTRIES
ACTIVITY HEATMAP
| Date | Victim Name | Country | Sector | Status |
|---|---|---|---|---|
| No victims recorded | ||||
No TTPs data
No YARA rules
No IoCs
No ransom notes