Skip to content
Ransomware group

NightSky

Night Sky is a China-nexus ransomware group (attributed to the "Emperor Dragonfly" cluster) that emerged in late 2021, gaining notoriety in early 2022 by exploiting the Log4Shell vulnerability (CVE-2021-44228) to target corporate networks across healthcare, finance, government, and manufacturing using multi-extortion tactics.

Profile source: Ransomware.live opens in a new tab

NightSky

Family profile

Night Sky is a China-nexus ransomware group (attributed to the "Emperor Dragonfly" cluster) that emerged in late 2021, gaining notoriety in early 2022 by exploiting the Log4Shell vulnerability (CVE-2021-44228) to target corporate networks across healthcare, finance, government, and manufacturing using multi-extortion tactics.

Ransomware.live

Operational record

View group record ↗

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.