Tox
1 total8F514E8FDA683D7C5957CE9560EB5941B4840DB0C3CEDEFB57FD8E2D8CF5884B44D99B872E93
Radar is a cybercriminal threat actor identified in the provided reporting as both a ransomware group and an initial access broker (IAB).
Profile source: Mallory opens in a new tabRADAR
Radar is a cybercriminal threat actor identified in the provided reporting as both a ransomware group and an initial access broker (IAB). Reporting cited in the content states that four new ransomware groups emerged in 2025, including Radar. Separate reporting describes RADAR as a known IAB that listed RDP access to a Swiss company for sale in mid-October; that victim reportedly appeared on RansomHub’s leak site just over a month later, indicating a likely handoff of access to a downstream ransomware operator. The content also states that the RADAR group carried out a cluster of attacks against the real estate sector. Based on the provided material, Radar’s observed activity includes brokering or selling compromised remote access, specifically RDP access, and conducting attacks associated with the real estate sector. No nation-state attribution is provided in the content, and no additional aliases or sub-groups are mentioned beyond the name RADAR/Radar.
Ransomware.live
Ransomware.live
8F514E8FDA683D7C5957CE9560EB5941B4840DB0C3CEDEFB57FD8E2D8CF5884B44D99B872E9305e4f38090e06156b94ebf76e93ab4ccb761d761b886bbabf2df41c2bc341e8b30Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.