vanirgroup Ransomware — Threat Intelligence Profile

Overview

Vanir Group is a ransomware and data extortion threat actor that emerged in 2024. They operate a TOR-based leak site and have listed victims across manufacturing and professional services sectors.

Tactics, Techniques & Procedures

Double extortion, leak site operations

Primary Targets

Manufacturing, Professional Services

Indicators of Compromise

Custom ransomware payload

MITRE ATT&CK Techniques

T1486
T1041

Quick Reference

Status	ACTIVE
Type	Ransomware / Data Extortion
First Seen	2024
Victims Tracked	Monitored

Dark Web Presence

http://6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion
http://6xdpj3sb5kekvq5ulym5qqmzsv6ektjgvpmajns3qrafgxtyxrhokfqd.onion/assets/index-6d8af759.js

Under Attack?

If you believe vanirgroup has targeted your organisation, contact Binary Response immediately.

Emergency Response Dark Web Monitoring →

Related Threat Actors

LockBit Rhysida Akira DragonForce View All →