APT / THREAT GROUP

JCrypt

16
aliases

Intelligence Profile

Ransomware written in C#. Fortunately, all current versions of the MafiaWare666 ransomware are decryptable. The Threat Lab from Avast has developed a free decryption tool for this malware.

Threat Analysis

JCrypt is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases16

Also Known As

Mafiaware666MALKIRIP lmaoDaddycryptJCryptFoxxyPoisonWearefriendsNotStonksLockedIam_watchingMALWAREDEVELOPEROmeroNcovidVn_osCrypted

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.