Skip to content
Ransomware group

Mogilevich

Mogilevich is referenced as a scam/impersonation-style ransomware actor active in early 2024 that allegedly defrauded other cybercriminals rather than conducting verified ransomware intrusions.

Profile source: Mallory opens in a new tab

Mogilevich

Family profile

Mogilevich is referenced as a scam/impersonation-style ransomware actor active in early 2024 that allegedly defrauded other cybercriminals rather than conducting verified ransomware intrusions. GuidePoint Security/GRIT cite Mogilevich as a precedent for affiliate-fraud behavior later seen in other purported ransomware brands (e.g., 0APT). The actor behind “Mogilevich” later admitted the operation was fraudulent and claimed to have netted at least $85,000. No specific victimology, tooling, intrusion TTPs, or confirmed breaches are described in the provided content beyond the characterization as a fraud operation targeting would-be affiliates/other criminals.

Ransomware.live

Operational record

View group record ↗

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.