cert-orangecyberdefense/ransomware_map
GitHub: cert-orangecyberdefense/ransomware_map
Stars: 485 | Forks: 26
# Orange Cyberdefense CERT - 勒索软件生态图谱
**最新版本 = 第 29 版(2026 年 1 月 - 即将发布)**
该图谱展示了 2015 年至 2026 年间,与 300 多个勒索软件组织相关的关系和时间线。
希望能对你有所帮助!
World Watch 团队 -
Global CERT Orange Cyberdefense
版权所有。
免责声明: 本图谱无意做到详尽无遗。其目标是展示相关勒索软件操作之间的关系,并非刻意列出 2015 年以来所有现存的勒索软件组织。各家族(strains)及相关威胁行为者(threat actors)的名称由我们从网络安全社区最常用的别名中任意选定。这并不意味着我们认可创建该别名的供应商。 提醒一下,在审视网络犯罪生态系统时,断言关系和归属(attribution)极其复杂:威胁行为者流动性极强且彼此关联,使得有效的协作难以定义和随时间追踪。 除我们的内部资源(监控、逆向工程、与大多数知名团伙相关的 Incident Response 介入)外,此映射还利用了来自事件响应人员、恶意软件分析师、CTI 研究人员等的大量公开和私人报告。我们注意到了利用可信来源仔细筛选、确证和核实此类情报,但仍可能存在细微错误或有争议的关联。 如有任何反馈,请直接发送给我们或通过开启 issue 告知。
**更新日志**: ### *2026/01/19: V29* Edit: Apos
Edit: BlackOut
Edit: BlackSuit
Edit: Cactus
Edit: Cryptnet
Edit: Dharma
Edit: Embargo
Edit: Hellokitty
Edit: Hunters International
Edit: LukaLocker
Edit: Makop
Edit: Nitrogen
Edit: Phobos
Edit: Qilin
Edit: Radar
Edit: Ransomed
Edit: Thanos
New addition: Agenda - May 2022
New addition: Ailock - June 2025
New addition: Anubis - December 2024
New addition: Arachna - September 2025
New addition: Arkana - March 2025
New addition: Aware - January 2026
New addition: Beast - July 2025
New addition: Benzona - - November 2025
New addition: Bert - March 2025
New addition: BlackField - October 2025
New addition: BlackNevas - July 2025
New addition: BlackShrantac - September 2025
New addition: BQTlock - July 2025
New addition: Brotherhood - October 2025
New addition: Cephalus - August 2025
New addition: Chaos - March 2025
New addition: Coinbase Cartel - September 2025
New addition: Cortex - April 2025
New addition: CrazyHunter - January 2025
New addition: Crypto24 - April 2025
New addition: DarkLulz - June 2025
New addition: DataCarry - May 2025
New addition: Desolator - August 2025
New addition: Devman 2.0 - December 2025
New addition: Devman - April 2025
New addition: Dire Wolf - May 2025
New addition: Evilbyte - March 2025
New addition: Genesis - October 2025
New addition: Gentlemen - September 2025
New addition: Global - June 2025
New addition: Gunra - May 2025
New addition: HelloGookie - April 2024
New addition: HexaLocker - August 2024
New addition: Imn Crew - March 2025
New addition: J Group - February 2025
New addition: KawaLocker - June 2025
New addition: Kazu - October 2025
New addition: Kraken - February 2025
New addition: Kryptos - October 2025
New addition: Leaknet - October 2025
New addition: Lockbit 5.0 - September 2025
New addition: Lunalock - September 2025
New addition: Mamona - March 2025
New addition: Marlock - September 2021
New addition: Mindware - May 2022
New addition: Minteye - December 2025
New addition: Monolock - October 2025
New addition: Ms13-089 - December 2025
New addition: Nightspire - February 2025
New addition: Obscura - August 2025
New addition: Orca - September 2024
New addition: Osiris - December 2025
New addition: Payouts King - July 2025
New addition: PEAR - July 2025
New addition: Prince - July 2024
New addition: Radiant - September 2025
New addition: RAlord - March 2025
New addition: Root - December 2025
New addition: Run Some Wares - February 2025
New addition: Satanlock - April 2025
New addition: Secp0 - March 2025
New addition: Securotrop - August 2025
New addition: SiegedSec - December 2023
New addition: Sinobi - July 2025
New addition: Skira - March 2025
New addition: Sparta - September 2022
New addition: TeamXXX - May 2025
New addition: Tengu - October 2025
New addition: Trident - December 2025
New addition: VanHelsing - March 2025
New addition: Vect - January 2026
New addition: Wallocker - July 2025
New addition: Warlock - June 2025
New addition: Werewolves - March 2023
New addition: Weyhro - March 2025
New addition: World Leaks - January 2025
New addition: Yurei - September 2025
### *2025/03/01: V28* Edit: 8base
Edit: Black Basta
Edit: Brain Spider
Edit: Chatty Spider
Edit: D0nut
Edit: DarkVault
Edit: Interlock
Edit: Jigsaw
Edit: LukaLocker
Edit: Monti
Edit: Monti
Edit: Pryx
Edit: Rancoz
Edit: Ransomware Blog
New addition: 0mega
New addition: Anubis
New addition: Apos Security
New addition: Arcane
New addition: Argonauts
New addition: BabyLockerKZ
New addition: Bashe
New addition: BlackLock
New addition: BlackTor
New addition: BlueBox
New addition: Chort
New addition: CoomingProject
New addition: Core
New addition: Cring
New addition: dAn0n
New addition: DeathGrip
New addition: Dragonforce
New addition: ElPaco
New addition: Eruption
New addition: Farattack
New addition: Frag
New addition: Fsociety
New addition: Funksec
New addition: GDLockerSec
New addition: Grinch
New addition: Hellcat
New addition: HellDown
New addition: Interlock
New addition: Kairos
New addition: Kraken
New addition: Kryptina
New addition: LeakedData
New addition: Linkc
New addition: LockBit 4.0
New addition: Malas
New addition: Marketo
New addition: Morpheus
New addition: Muliaka
New addition: Nitro Spider
New addition: Nitrogen
New addition: Phantom
New addition: PlayBoy
New addition: Qiulong
New addition: Ransomcortex
New addition: Sabbath
New addition: Safepay
New addition: Sarcoma
New addition: Slippery Scorpius
New addition: Space Bears
New addition: Stormous
New addition: Stumped Scorpius
New addition: Termite
New addition: Tycoon
New addition: UNC2190
New addition: Unsafe
New addition: Xelera
### *2024/09/18: V27* Edit: 8base
Edit: Abyss
Edit: Babuk
Edit: BianLian
Edit: BlackSuit
Edit: CryptNet
Edit: Dispossessor
Edit: Donex
Edit: Dunghill
Edit: Gold Feather
Edit: Gold Rebellion
Edit: Hunters International
Edit: Karakurt
Edit: Knight
Edit: Kuiper
Edit: Monti
Edit: NoEscape
Edit: Pilfering Scorpius
Edit: RansomCartel
Edit: Ransomed
Edit: Rhysida
Edit: Shining Spider
Edit: Zeppelin
New addition: 2023lock
New addition: APT73
New addition: Arcus media
New addition: Brain Cipher
New addition: Burning Scorpius
New addition: Cicada3301
New addition: D0nut
New addition: El Dorado
New addition: Embargo
New addition: Fog
New addition: Gold Crescent
New addition: Gold Sonata
New addition: Gold Tomahawk
New addition: Holiday Spider
New addition: KillSecurity
New addition: Kuza
New addition: LukaLocker
New addition: Lynx
New addition: MeowLeaks
New addition: Oceans
New addition: Phalcon
New addition: Procedural Scorpius
New addition: Pryx
New addition: RansomHub
New addition: Red
New addition: Repellent Scorpius
New addition: Spoiled Scorpius
New addition: Storm-1219
New addition: Trinity
New addition: Tuborg
New addition: Water Gatpanapun
New addition: Weary Scorpius
New addition: Zola
### *2024/03/21: V26* Edit: 3am
Edit: 8Base
Edit: BlackCat
Edit: BlogXX
Edit: Cactus
Edit: Cylance
Edit: Dark Angels
Edit: Knight
Edit: LockBit 3.0
Edit: Phobos
Edit: Radar
Edit: RagnarLocker
Edit: Rhysida
Edit: Trigona
New addition: BackMyData
New addition: BlackBerserk
New addition: BlackHunt
New addition: BlackOut
New addition: BlackShadow
New addition: BlueLocker
New addition: Ciphbit
New addition: Hunters International
New addition: Kasseika
New addition: Kuiper
New addition: Lambda
New addition: LockBit 4.0
New addition: LostTrust
New addition: MetaEncryptor
New addition: MyData
New addition: Proton
New addition: Proxima
New addition: RobbinHood
New addition: SugarLocker
New addition: Synapse
New addition: Trisec
New addition: Donex
### *2023/09/19: V25* Edit: Ako
Edit: Cheers
Edit: Cinnamon Tempest
Edit: Cl0p
Edit: DagonLocker
Edit: DoppelPaymer
Edit: Globe
Edit: GlobeImposter
Edit: Graceful Spider
Edit: Rook
Edit: Scarab
Edit: TommyLeaks
Edit: Vice Society
Edit: Vurten
New addition: 3AM
New addition: AstraLocker
New addition: ARCrypter
New addition: Bidon
New addition: Cloak
New addition: CryptWall
New addition: Dungeon Dragon
addition: Feral Spider
New addition: FreeWorld
New addition: Frozen Spider
New addition: Good Day
New addition: Hound Spider
New addition: INC
New addition: Key Group
New addition: Masked Spider
New addition: Megazord
New addition: Punk Spider
New addition: Quantum Spider
New addition: Vice Spider
New addition: Zeon
### *2023/08/03: V24* Edit: 8Base
Edit: BlackSuit
Edit: Cuba
Edit: FIN8
Edit: Industrial Spy
New addition: ARCrypter
New addition: BigHead
New addition: Brain Spider
New addition: CryptNet
New addition: Everbe
New addition: Everbe 2.0
New addition: Everest
New addition: Knight
New addition: Mangled Spider
New addition: Poop69
New addition: Radar
New addition: Storm-0506
New addition: Storm-0970
New addition: Storm-0978
New addition: Storm-1339
New addition: Venus
New addition: Zeoticus
New addition: Zeoticus 2.0
### *2023/06/28: V23* Edit: BlogXX
Edit: Mallox
Edit: Mountlocker
Edit: Rorschach
New addition: 8Base
New addition: BlackSuit
New addition: Cyclops
New addition: Darkrace
New addition: El Cometa
New addition: Industrial Spy
New addition: MalasLocker
New addition: NoEscape
New addition: Obsidian ORB
New addition: Rhysida
New addition: SamSam (Boss Spider)
New addition: Synack
New addition: Underground Team
New addition: Wannacry (Lazarus)
New addition: Xollam
### *2023/05/31: V22*
(许多更改...)
免责声明: 本图谱无意做到详尽无遗。其目标是展示相关勒索软件操作之间的关系,并非刻意列出 2015 年以来所有现存的勒索软件组织。各家族(strains)及相关威胁行为者(threat actors)的名称由我们从网络安全社区最常用的别名中任意选定。这并不意味着我们认可创建该别名的供应商。 提醒一下,在审视网络犯罪生态系统时,断言关系和归属(attribution)极其复杂:威胁行为者流动性极强且彼此关联,使得有效的协作难以定义和随时间追踪。 除我们的内部资源(监控、逆向工程、与大多数知名团伙相关的 Incident Response 介入)外,此映射还利用了来自事件响应人员、恶意软件分析师、CTI 研究人员等的大量公开和私人报告。我们注意到了利用可信来源仔细筛选、确证和核实此类情报,但仍可能存在细微错误或有争议的关联。 如有任何反馈,请直接发送给我们或通过开启 issue 告知。
**更新日志**: ### *2026/01/19: V29* Edit: Apos
Edit: BlackOut
Edit: BlackSuit
Edit: Cactus
Edit: Cryptnet
Edit: Dharma
Edit: Embargo
Edit: Hellokitty
Edit: Hunters International
Edit: LukaLocker
Edit: Makop
Edit: Nitrogen
Edit: Phobos
Edit: Qilin
Edit: Radar
Edit: Ransomed
Edit: Thanos
New addition: Agenda - May 2022
New addition: Ailock - June 2025
New addition: Anubis - December 2024
New addition: Arachna - September 2025
New addition: Arkana - March 2025
New addition: Aware - January 2026
New addition: Beast - July 2025
New addition: Benzona - - November 2025
New addition: Bert - March 2025
New addition: BlackField - October 2025
New addition: BlackNevas - July 2025
New addition: BlackShrantac - September 2025
New addition: BQTlock - July 2025
New addition: Brotherhood - October 2025
New addition: Cephalus - August 2025
New addition: Chaos - March 2025
New addition: Coinbase Cartel - September 2025
New addition: Cortex - April 2025
New addition: CrazyHunter - January 2025
New addition: Crypto24 - April 2025
New addition: DarkLulz - June 2025
New addition: DataCarry - May 2025
New addition: Desolator - August 2025
New addition: Devman 2.0 - December 2025
New addition: Devman - April 2025
New addition: Dire Wolf - May 2025
New addition: Evilbyte - March 2025
New addition: Genesis - October 2025
New addition: Gentlemen - September 2025
New addition: Global - June 2025
New addition: Gunra - May 2025
New addition: HelloGookie - April 2024
New addition: HexaLocker - August 2024
New addition: Imn Crew - March 2025
New addition: J Group - February 2025
New addition: KawaLocker - June 2025
New addition: Kazu - October 2025
New addition: Kraken - February 2025
New addition: Kryptos - October 2025
New addition: Leaknet - October 2025
New addition: Lockbit 5.0 - September 2025
New addition: Lunalock - September 2025
New addition: Mamona - March 2025
New addition: Marlock - September 2021
New addition: Mindware - May 2022
New addition: Minteye - December 2025
New addition: Monolock - October 2025
New addition: Ms13-089 - December 2025
New addition: Nightspire - February 2025
New addition: Obscura - August 2025
New addition: Orca - September 2024
New addition: Osiris - December 2025
New addition: Payouts King - July 2025
New addition: PEAR - July 2025
New addition: Prince - July 2024
New addition: Radiant - September 2025
New addition: RAlord - March 2025
New addition: Root - December 2025
New addition: Run Some Wares - February 2025
New addition: Satanlock - April 2025
New addition: Secp0 - March 2025
New addition: Securotrop - August 2025
New addition: SiegedSec - December 2023
New addition: Sinobi - July 2025
New addition: Skira - March 2025
New addition: Sparta - September 2022
New addition: TeamXXX - May 2025
New addition: Tengu - October 2025
New addition: Trident - December 2025
New addition: VanHelsing - March 2025
New addition: Vect - January 2026
New addition: Wallocker - July 2025
New addition: Warlock - June 2025
New addition: Werewolves - March 2023
New addition: Weyhro - March 2025
New addition: World Leaks - January 2025
New addition: Yurei - September 2025
### *2025/03/01: V28* Edit: 8base
Edit: Black Basta
Edit: Brain Spider
Edit: Chatty Spider
Edit: D0nut
Edit: DarkVault
Edit: Interlock
Edit: Jigsaw
Edit: LukaLocker
Edit: Monti
Edit: Monti
Edit: Pryx
Edit: Rancoz
Edit: Ransomware Blog
New addition: 0mega
New addition: Anubis
New addition: Apos Security
New addition: Arcane
New addition: Argonauts
New addition: BabyLockerKZ
New addition: Bashe
New addition: BlackLock
New addition: BlackTor
New addition: BlueBox
New addition: Chort
New addition: CoomingProject
New addition: Core
New addition: Cring
New addition: dAn0n
New addition: DeathGrip
New addition: Dragonforce
New addition: ElPaco
New addition: Eruption
New addition: Farattack
New addition: Frag
New addition: Fsociety
New addition: Funksec
New addition: GDLockerSec
New addition: Grinch
New addition: Hellcat
New addition: HellDown
New addition: Interlock
New addition: Kairos
New addition: Kraken
New addition: Kryptina
New addition: LeakedData
New addition: Linkc
New addition: LockBit 4.0
New addition: Malas
New addition: Marketo
New addition: Morpheus
New addition: Muliaka
New addition: Nitro Spider
New addition: Nitrogen
New addition: Phantom
New addition: PlayBoy
New addition: Qiulong
New addition: Ransomcortex
New addition: Sabbath
New addition: Safepay
New addition: Sarcoma
New addition: Slippery Scorpius
New addition: Space Bears
New addition: Stormous
New addition: Stumped Scorpius
New addition: Termite
New addition: Tycoon
New addition: UNC2190
New addition: Unsafe
New addition: Xelera
### *2024/09/18: V27* Edit: 8base
Edit: Abyss
Edit: Babuk
Edit: BianLian
Edit: BlackSuit
Edit: CryptNet
Edit: Dispossessor
Edit: Donex
Edit: Dunghill
Edit: Gold Feather
Edit: Gold Rebellion
Edit: Hunters International
Edit: Karakurt
Edit: Knight
Edit: Kuiper
Edit: Monti
Edit: NoEscape
Edit: Pilfering Scorpius
Edit: RansomCartel
Edit: Ransomed
Edit: Rhysida
Edit: Shining Spider
Edit: Zeppelin
New addition: 2023lock
New addition: APT73
New addition: Arcus media
New addition: Brain Cipher
New addition: Burning Scorpius
New addition: Cicada3301
New addition: D0nut
New addition: El Dorado
New addition: Embargo
New addition: Fog
New addition: Gold Crescent
New addition: Gold Sonata
New addition: Gold Tomahawk
New addition: Holiday Spider
New addition: KillSecurity
New addition: Kuza
New addition: LukaLocker
New addition: Lynx
New addition: MeowLeaks
New addition: Oceans
New addition: Phalcon
New addition: Procedural Scorpius
New addition: Pryx
New addition: RansomHub
New addition: Red
New addition: Repellent Scorpius
New addition: Spoiled Scorpius
New addition: Storm-1219
New addition: Trinity
New addition: Tuborg
New addition: Water Gatpanapun
New addition: Weary Scorpius
New addition: Zola
### *2024/03/21: V26* Edit: 3am
Edit: 8Base
Edit: BlackCat
Edit: BlogXX
Edit: Cactus
Edit: Cylance
Edit: Dark Angels
Edit: Knight
Edit: LockBit 3.0
Edit: Phobos
Edit: Radar
Edit: RagnarLocker
Edit: Rhysida
Edit: Trigona
New addition: BackMyData
New addition: BlackBerserk
New addition: BlackHunt
New addition: BlackOut
New addition: BlackShadow
New addition: BlueLocker
New addition: Ciphbit
New addition: Hunters International
New addition: Kasseika
New addition: Kuiper
New addition: Lambda
New addition: LockBit 4.0
New addition: LostTrust
New addition: MetaEncryptor
New addition: MyData
New addition: Proton
New addition: Proxima
New addition: RobbinHood
New addition: SugarLocker
New addition: Synapse
New addition: Trisec
New addition: Donex
### *2023/09/19: V25* Edit: Ako
Edit: Cheers
Edit: Cinnamon Tempest
Edit: Cl0p
Edit: DagonLocker
Edit: DoppelPaymer
Edit: Globe
Edit: GlobeImposter
Edit: Graceful Spider
Edit: Rook
Edit: Scarab
Edit: TommyLeaks
Edit: Vice Society
Edit: Vurten
New addition: 3AM
New addition: AstraLocker
New addition: ARCrypter
New addition: Bidon
New addition: Cloak
New addition: CryptWall
New addition: Dungeon Dragon
addition: Feral Spider
New addition: FreeWorld
New addition: Frozen Spider
New addition: Good Day
New addition: Hound Spider
New addition: INC
New addition: Key Group
New addition: Masked Spider
New addition: Megazord
New addition: Punk Spider
New addition: Quantum Spider
New addition: Vice Spider
New addition: Zeon
### *2023/08/03: V24* Edit: 8Base
Edit: BlackSuit
Edit: Cuba
Edit: FIN8
Edit: Industrial Spy
New addition: ARCrypter
New addition: BigHead
New addition: Brain Spider
New addition: CryptNet
New addition: Everbe
New addition: Everbe 2.0
New addition: Everest
New addition: Knight
New addition: Mangled Spider
New addition: Poop69
New addition: Radar
New addition: Storm-0506
New addition: Storm-0970
New addition: Storm-0978
New addition: Storm-1339
New addition: Venus
New addition: Zeoticus
New addition: Zeoticus 2.0
### *2023/06/28: V23* Edit: BlogXX
Edit: Mallox
Edit: Mountlocker
Edit: Rorschach
New addition: 8Base
New addition: BlackSuit
New addition: Cyclops
New addition: Darkrace
New addition: El Cometa
New addition: Industrial Spy
New addition: MalasLocker
New addition: NoEscape
New addition: Obsidian ORB
New addition: Rhysida
New addition: SamSam (Boss Spider)
New addition: Synack
New addition: Underground Team
New addition: Wannacry (Lazarus)
New addition: Xollam
### *2023/05/31: V22*
(许多更改...)
标签:CERT, DAST, Orange Cyberdefense, 关系图谱, 勒索病毒, 勒索软件, 基线检查, 威胁情报, 威胁组织, 安全可视化, 库, 应急响应, 开发者工具, 恶意软件分析, 情报共享, 攻击归因, 溯源分析, 生态系统图谱, 网络安全地图, 网络犯罪, 黑产研究, 黑客组织追踪