RANSOMWARE OPERATION💰 FINANCIAL
j group
3
victims
1
aliases
Intelligence Profile
j group — tracked by MISP Galaxy (ransomware).
Threat Analysis
j group is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like j group prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Ransomware Victims (3)
CTIWATCH tracks 3 organizations claimed as victims by j group on its data leak site, with attack dates, sectors and countries.
View full victims list →External References
Quick Facts
TypeRansomware Operation
Motivation💰 financial
Aliases1
Also Known As
j group
DLS Infrastructure
○ OFFLINEtwniiyed6mydtbe64i5mdl56nihl7atfaqtpww6gqyaiohgc75apzpad.onion
○ OFFLINEw4d5aqmdxkcsc2xwcz7w7jo6wdmvmakgy3y6mfmdtzmyvxe77cjkfbad.onion
● ONLINEshare.jtor.xyz
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.