All ransomware groups
hellcat
20 tracked victims
·first seen 2024-10-25·last activity 2025-04-07Group profile
HellCat is a ransomware-as-a-service group that formed in Q4 2024 and quickly became notable for high-profile attacks against Schneider Electric, Telefónica, and Israel's Knesset, primarily gaining initial access via stolen Jira credentials harvested by infostealer malware, targeting critical infrastructure and government entities.
Recent victims
| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2025-04-07 |  Potomac Financial Servicespotomacfinancialadvisors.com | Financial Services | US |
| 2025-04-07 | P P**o***p**********.com | Financial Services | |
| 2025-04-07 |  CVTEcvte.com | Technology | CN |
| 2025-03-18 |  HighWire Presshighwirepress.com | Technology | US |
| 2025-04-05 |  Racamiracami.com | Technology | US |
| 2025-04-05 |  Assecoasseco.com | Technology | PL |
| 2025-04-05 |  LeoVegas ABleovegasgroup.com | Telecommunication | SE |
| 2025-03-29 |  Transsion Holdingstranssion.com | Technology | CN |
| 2025-03-24 |  Grupo Santillanasantillana.com | Education | ES |
| 2025-03-24 |  Omnitracsomnitracs.com | Technology | US |
| 2025-03-17 |  Electronics For Imagingefi.com | Technology | US |
| 2025-03-15 |  Ascom Holding AGascom.com | Technology | CH |
| 2025-02-25 |  OneDealeronedealer.com | Consumer Services | DE |
| 2024-12-26 |  Car Care Plan - Turkeycarcareplan.com.tr | Consumer Services | TR |
| 2024-12-25 |  Sistem Informasi Pengelolaan Keuangan Daerah (SIPKD)kemendagri.go.id | Public Sector | ID |
| 2024-12-25 |  Pinger - USApinger.com | Business Services | US |
| 2024-11-04 |  College of Business - Tanzaniacbe.ac.tz | Education | TZ |
| 2024-11-04 |  Ministry of Education - Jordanmoe.gov.jo | Education | JO |
| 2024-11-04 |  Schneider Electric - Francese.com | Energy | FR |
| 2024-10-25 |  The Knesset - Israelknesset.gov.il | Public Sector | IL |