All ransomware groups
mountlocker
18 tracked victims
·first seen 2021-02-07·last activity 2022-02-08Group profile
MountLocker operated as a ransomware-as-a-service from July 2020, using a standard developer/affiliate revenue split and leveraging compromised RDP credentials for initial access, propagating laterally via Windows Active Directory APIs and targeting over 2,600 file extensions.
Recent victims
| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2022-02-08 | D Dassault Falcon Jet | Manufacturing | |
| 2021-09-09 | M Memry Corporation | Manufacturing | |
| 2021-09-09 | T ThyssenKrupp System Engineering | Manufacturing | |
| 2021-09-09 | C Century 3, Inc. | Manufacturing | |
| 2021-09-09 | A Amey plc | Construction | |
| 2021-09-09 | T Transtar1 | Transportation/Logistics | |
| 2021-09-09 | W Wasserstorm | Consumer Services | |
| 2021-09-09 | M MERSEN | Manufacturing | |
| 2021-09-09 | G Geotech Engineering and Testing | Construction | |
| 2021-09-09 | L Laboratorios SMA S.A.C. | Healthcare | |
| 2021-09-09 | M Makalot | Manufacturing | |
| 2021-09-09 | G Gunnebo AB | Manufacturing | |
| 2021-09-09 | E Enerstar Rentals & Services | Business Services | |
| 2021-09-09 | F Forrester Construction | Construction | |
| 2021-09-09 | H Homeland Title | Financial Services | |
| 2021-09-09 |  FAPS Inc.fapsinc.com | Manufacturing | |
| 2021-09-09 | N Nachi America Inc. | Manufacturing | |
| 2021-02-07 | E ECU Worldwide | Transportation/Logistics |