HOMETHREATSmount-locker
RANSOMWARE OPERATION💰 FINANCIAL

mount-locker

Limited data

Threat Analysis

mount-locker is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.

Financially motivated threat actors like mount-locker prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.

Quick Facts

TypeRansomware Operation
Motivation💰 financial

DLS Infrastructure

○ OFFLINEmountnewsokhwilx.onion

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.