Skip to content
Ransomware group

J

J is a ransomware/extortion threat actor referenced in 2025 reporting as part of the broader fragmentation of the ransomware ecosystem into smaller, rapidly emerging groups.

Profile source: Mallory opens in a new tab

J

Family profile

J is a ransomware/extortion threat actor referenced in 2025 reporting as part of the broader fragmentation of the ransomware ecosystem into smaller, rapidly emerging groups. The actor is described as being better understood through victimology rather than technical writeups, and in some cases functioning primarily as a leak-site identity rather than a stable, consistently identifiable malware family. In 2025, J is specifically cited among “new ransomware groups” that relied on data theft and leak-based extortion without deploying ransomware lockers (i.e., extortion-only operations). Separately, a related/associated strain referred to as “J-Ransom” is described as using the file extension “.LoveYou,” with one publicly indexed sample associated with MD5 4924B945CFDC5BFECE03F5140A546384.

Ransomware.live

Operational record

View group record ↗

Ransomware.live

Published indicators

Full source record ↗

Md5

6 total
  • d69ebd183b2e0072c396e55503d5ede7
  • aa63680c9b15034463d46847e7534975
  • f0f300206af1eed81b7b74357df437da
  • 538f8b4fbe62595021ffa36682bf518f
  • aeb06e5cdd5da2bc5259516fb738ac78
  • 2238997aec239bb5ebd7589f754bf606

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.