All ransomware groups
icefire
11 tracked victims
·first seen 2022-08-20·last activity 2022-08-20Group profile
IceFire is a ransomware group first observed in 2022 that expanded to Linux in early 2023 by exploiting a vulnerability in IBM Aspera Faspex (CVE-2022-47986), targeting media and entertainment organizations in Turkey, Iran, Pakistan, and the UAE using double-extortion tactics.
Recent victims
| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2022-08-20 | * *.algotrader.com | Technology | |
| 2022-08-20 | * *.bestservers.pro | Technology | |
| 2022-08-20 | * *.iperactive.com.ar | Technology | |
| 2022-08-20 | * *.cco1.com | Technology | |
| 2022-08-20 | * *.vps-vds.com | Technology | |
| 2022-08-20 | * *.guneshosting.com | Technology | |
| 2022-08-20 | * *.kodhosting.com | Technology | |
| 2022-08-20 | * *.kru.ac.th | Education | |
| 2022-08-20 | * *.directfn.net | Financial Services | |
| 2022-08-20 | * *.feesh.ch | Consumer Services | |
| 2022-08-20 | * *.skifgroup.com | Manufacturing |