ransomcortex
Intelligence Profile
RansomCortex emerged in July 2024 with a narrow focus on healthcare facilities, claiming four victims within days of its first appearance including hospitals in Brazil and Canada, operating as a relatively small and niche group.
Threat Analysis
ransomcortex is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like ransomcortex prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Ransomware Victims (4)
CTIWATCH tracks 4 organizations claimed as victims by ransomcortex on its data leak site, with attack dates, sectors and countries.
View full victims list →