HOMETHREATSATOMSILO
MALWARE FAMILY

ATOMSILO

Internal ID: win.atomsilo
1
victims
1
aliases
Last seen:Mar 17, 2026

Intelligence Profile

According to PCrisk, AtomSilo is a type of malware that blocks access to files by encrypting them and renames every encrypted file by appending the ".ATOMSILO" to its filename. It renames "1.jpg" to "1.jpg.ATOMSILO", "2.jpg" to "2.jpg.ATOMSILO", and so on. As its ransom note, AtomSilo creates the "README-FILE-#COMPUTER-NAME#-#CREATION-TIME#.hta" file.

Threat Analysis

ATOMSILO is a malware family tracked by threat intelligence researchers and catalogued in the Malpedia dataset. It represents a distinct malicious software lineage with identifiable code characteristics, behaviors, and victimology.

Ransomware Victims (1)

CTIWATCH tracks 1 organizations claimed as victims by ATOMSILO on its data leak site, with attack dates, sectors and countries.

View full victims list →

External References

Quick Facts

TypeMalware Family
Aliases1

Also Known As

win.atomsilo

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.