All ransomware groups
cephalus
19 tracked victims
·first seen 2025-06-28·last activity 2025-08-29Group profile
Cephalus is a ransomware group active from mid-2025 that leverages stolen RDP credentials to deploy a Go-based ransomware payload via DLL sideloading, targeting law firms, healthcare, financial services, and IT firms across the US and Japan with 19 known victims.
Recent victims
| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2025-08-29 |  One-LUXone-lux.com | Not Found | GB |
| 2025-08-29 |  Shropdocshropdoc.org.uk | Healthcare | GB |
| 2025-08-29 |  Shelbourne Accountantsshelbourneaccountants.ie | Financial Services | IE |
| 2025-08-29 |  Delta Information Systemsacroamatics.com | Technology | US |
| 2025-08-28 |  Colorado Health Network Inccoloradohealthnetwork.org | Healthcare | US |
| 2025-08-28 |  Texas Pregnancy Care Networktexaspregnancy.org | Healthcare | US |
| 2025-08-28 |  wilderlawfirmwilderlawfirm.com | Not Found | US |
| 2025-08-28 |  CoCo Yachtswww.cocoyachts.com | Manufacturing | NL |
| 2025-08-26 |  txpregnancy.org - Fake Abortion Clinics Exposedtxpregnancy.org | Not Found | US |
| 2025-08-26 |  Town of Vienna, VAviennava.gov | Public Sector | US |
| 2025-08-26 |  Lewis Baach Kaufmann Middlemiss PLLClbkmlaw.com | Business Services | US |
| 2025-08-20 |  Lee & Associateslee-irvine.com | Business Services | US |
| 2025-08-26 |  Sherman, Silverstein, Kohl, Rose & Podolsky, P.A.sskrplaw.com | Business Services | US |
| 2025-08-26 |  Guerrero Mears LLPgmllp.com | Business Services | US |
| 2025-08-26 |  LPL Financialbalancedsolutions4me.com | Financial Services | US |
| 2025-08-26 |  K Strategies Marketing and Public Relationskstrategies.com | Business Services | US |
| 2025-08-26 |  BAR Architects & Interiorsbararch.com | Construction | |
| 2025-08-26 |  SystemExec Co., Ltd.system-exe.co.jp | Technology | JP |
| 2025-06-28 |  CareSTL Healthcarestlhealth.org | Healthcare | US |