Brain Cipher

13/39 degraded parser

Compare Crypto

66posts (all time)

6last 30 days

3last 7 days

33% avg uptime 30d

Activity · last 30 days last post 2026-06-22 21:50

Parsing: enabled

View crypto

Description

Brain Cipher ransomware surfaced in mid-2024, rapidly gaining notoriety after a high-impact attack on Indonesia’s National Data Center, which disrupted over 160 government services including immigration systems. The group operates with a double-extortion model, encrypting data using a LockBit 3.0-based payload (Salsa20/RSA hybrid) and threatening leaks via a Tor-hosted portal. Distinct behaviors include encrypting both file contents and filenames, and customizing encrypted file names with appended random extensions. Initial access methods include phishing and purchases from initial-access brokers. Ransom demands have ranged from tens of thousands up to $8 million USD, though victims have sometimes been offered decryption keys without payment. Victims span sectors such as government, healthcare, education, media, and manufacturing across Southeast Asia, Europe, and the Americas.

External Analysis6

External Analysis
https://www.sentinelone.com/anthology/brain-cipher/
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/brain-cipher
https://www.vectra.ai/modern-attack/threat-actors/brain-cipher
https://www.group-ib.com/masked-actors/brain-cipher/
https://wazuh.com/blog/detecting-brain-cipher-ransomware-with-wazuh/
https://www.reuters.com/technology/cybersecurity/indonesia-says-it-has-begun-recovering-data-after-major-ransomware-attack-2024-07-12/

Mail3

Mail
brain.support@cyberfear.com
brain.dataleak@cyberfear.com
brain.decrypt@cyberfear.com

Urls2

Url	Status	Screen	Uptime 30d	Health
http://mybmtbgd7aprdnw2ekxht5qap5daam2wch25coqerrq2zdioanob34ad.onion/	Down		0%
http://vkvsgl7lhipjirmz6j5ubp3w3bwvxgcdbpi3fsbqngfynetqtw4w5hyd.onion/	Up		100%

File servers34

Url	Status	Uptime 30d
http://cuuhrxbg52c5agytmtjpwfu7mrs4xtaitc4mukkiy2kqdxeqbcmuhaid.onion/	Down	0%
http://4ldgw2wuidqu5ef3rzx4byonf3y7rdnh43jiw2z4sbtjiwic6gkov7yd.onion/c/lgc2Yxua65agt4XMOMkQKJjsdrV2IzYk	Down	0%
http://4ldgw2wuidqu5ef3rzx4byonf3y7rdnh43jiw2z4sbtjiwic6gkov7yd.onion/	Down	0%
http://zktnif5vckhmz5tyrukp5bamatbfhkxjnb23rspsanyzywcrx3bvtqad.onion/	Down	0%
http://yt7beb7fj6xbh4dndrlyvl3gn4ck36qn2oqheiqjs4bp3wspj3wgpcad.onion/	Down	0%
http://i6b4r6blgmm3r62zj42qxn6bvcbcrslcg6b6uwqws6xhnxz2howbhkid.onion/	Down	0%
http://pzghjpkm2liszmvjsttflp475zqxgrywjhr7xagc4bqfb2a7aw3qysyd.onion/	Down	0%
http://5v6tgs5xyuvl7kpg5b26e54kddlxdvktep2qmglawrohksv3qjwvw7qd.onion/	Down	0%
http://lhdv4ydjx5idzvntdrmcbwsh3dhdi3ww5hoz3ws2d5q5jlfewdacx4qd.onion/	Down	0%
http://oe7kcuvnulmdzir6zkewv5p353kc7qjf5tyqxfxabhzsm26pji44elqd.onion/	Down	0%
http://zv27q4tjvqxelm2imgztfg7gtl3v56oqabe77hiufqoqilis2dgcdsad.onion/	Down	0%
http://ubetdhmgnry4jk7ya7gh7p4hm4c3c57srkw62oc6hjmvvvkrqeybjjid.onion/	Down	0%
http://ixvarmokkir6t6fzpn7prussp3ulys66aeivrhcvrmfowqi2gi2fgryd.onion/	Down	0%
http://tahr6kwobsi7fj5j3hoyzxr34ipyiyuv2svhteht5td4etq23bcx7tyd.onion/	Down	0%
http://ncyg34lipi3w2u7yvxl3swr6wj6lsoeix3grrdsn6nmcv4r7vntanoid.onion/	Down	0%
http://bgpeqy3d5svuikeaueitix6zosg3pzekw77viulnucsiqsn4sjr65iyd.onion/	Down	0%
http://as7fbsjvifse52ek5qnptfgvkduvvnl56adb3jjgk6k3p7bisipvotyd.onion/	Down	0%
http://xangddavm54rgsju7iceahxztbqrcflzunffwbaswwhhftieygc4j3ad.onion/	Down	0%
http://q226mkoikzgyu33jin7ox3qo6tea7yhlgz52p5lslpj73edtocsz4wqd.onion/	Down	0%
http://hdgfvxxkepllbvqvk7vrudgwq55tg4joo4xpajaa3nv5gzpake66bnid.onion/	Down	0%
http://jgkgqztfmwk53wlttsjo6i3nmwtzoch2oi2bocqzb4zmp6kfspuiaead.onion/	Down	0%
http://zke5xim35cfolmq2h5i5sfmcoxr4pbpkfjwtq5lf6o4zo7avfcvnb5qd.onion/	Down	0%
http://3frnhzcnlkjnw5q3tm6elzizinm2k3bmrtf2xwqjzpcxzeqwn2tv6wyd.onion/	Up	97%
http://6ft2dfh26wm3w44orpjcgviutvfp25ez2iyh5ego5egvfmifrws7vvqd.onion/	Up	97%
http://zijgmuqjzb6dc7pofxhtaiz36qqyg35lhutybmzaz6whzgei2casjgid.onion/	Up	97%
http://inzk64xcf3sm6qzkehmio7piwhkslhnab3rlviniyg7alcgsxvy7kcyd.onion/	Up	97%
http://upiqcdsgvh6v5owteasjzyxbj2xug574dj4fctthehd7zjq7wmuxbwqd.onion/	Up	97%
http://psv5ejeysrncs6ltu4pkjyazswcmw3atmxi4eg44a6luudin5ufchcqd.onion/	Up	97%
http://lhsxojxowgtwdqlryl72d2v5cpgqv3sll4d47yyqdisersigvfbl5uid.onion/	Up	100%
http://mejouwrwja4iou7myj34rqi7cixyhn7vsa42e2n2dhxzc5mmkiaki3yd.onion/	Up	100%
http://3fg2gfwrdks46drwvejpgpak5klrflclsjjo35dxtqfk3poeez6oezad.onion/	Up	100%
http://emdnfl2fv32jhssxcbxlo6dzg2at4d7qbw2md6inz63qzdfgyln5cwyd.onion/	Up	100%
http://a4vbe7yp4kluped6khuhpr5nmzshiimx2jt5j22ozriiq6ngsm3fcpyd.onion/	Up	100%
http://x3nb7qcygpem2j5xzstyzdtgzofzkwkx4eko3ug4r73i6uhcgvyffjyd.onion/	Up	100%

Chat servers3

Url	Status	Uptime 30d
http://p6wmotxzvg34tdmpwm4beqgrcyp5iys43snkccsahnw74la3k3xx6pad.onion	Down	0%
http://brain4zoadgr6clxecixffvxjsw43cflyprnpfeak72nfh664kqqriyd.onion/	Down	0%
http://braincgksuixxkpkme7zlpkh7u47oryxx574d74ws4eal4t2mxyahbqd.onion	Down	0%

Activity (interactive) 66

Posts66

Date	Title	Description
2026-06-22	sterlinggloballtd.com	We have 100gb files and documents. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-06-22	eggetttax.ca	330,000 documents and files of this company, with a total size of over 250 GB. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-06-19	themintgaming.com	Once the timer runs out, we will publish the latest Oasis 360 by Aristocrat database belonging to The Mint Gaming Hall, which contains the personal data of more than 250,000 player...
2026-06-15	anglomoil.com	We have more than 100 thousand documents from Anglomoil, Avantage Global and Avantage Marine Group, whose director is Victor Prasad. If you think you are here by mistake, please co...
2026-06-15	alu-rex.com	We have 150gb files and documents. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-06-01	squamish.net	We have a lot of confidential documents. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-05-21	sheppadviser.com.au	We have more 350GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-05-12	ice.org.uk	We have more 1TB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-04-25	bridgeway-consulting.co.uk	We have 500GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-04-06	soundinsurance.ca	We have 500GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-04-06	endeavourautomotive.co.uk	We have 150GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-04-06	eworldme.com	We have 300GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-03-05	liteline.com	We have 350GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-03-05	westonconsulting.com	We have 800GB of data. If you think you are here by mistake, please contact us at brain.dataleak@cyberfear.com
2026-02-19	exceldor.ca	We have about 1.5 TB of data from the company's servers. We will publish some of it in the near future. If you think you are here by mistake, please contact us at brain.dataleak@cy...
2026-01-22	flbgroup.com
2026-01-22	kisnet.co.jp
2026-01-22	nwlr.ca
2025-10-30	fsbgroup.ca
2025-10-30	semag.fr
2025-10-30	axxia.fr
2025-10-20	oxfordcounty.ca
2025-10-20	cdom.org
2025-09-16	bmsi.org
2025-08-04	bw-lv.de
2025-07-28	VIRTUALWEB.US
2025-07-25	jorgefernandez.es
2025-05-03	ddecor.com
2025-05-03	ruizre.es
2025-05-03	soundtransit.org
2025-05-03	valedolobo.com
2025-05-03	edisoft.es
2025-05-03	iycsa.com.co
2025-04-11	mbmdubai.com
2025-02-25	neatem.fr \| Update!
2025-02-19	Pulmonary Physicians of South Florida Clinics \| Data security breach!
2025-02-17	neatem.fr
2025-02-17	Cirion Technologies
2024-12-23	It seems that it was easier to pay and calmly fix everything.
2024-12-17	Modern Dental Group Limited
2024-12-12	Estar Seguros, S.A.
2024-12-12	Cristal y Lavisa S.A. de C.V.
2024-12-04	Deloitte UK
2024-12-03	Royce Corporation
2024-12-02	G-ONE AUTO PARTS DE MÉXICO, S.A. DE C.V.
2024-11-13	COOPERATIVA TELEFONICA DE CALAFATE LTD.
2024-11-13	G-One Auto Parts de México S.A. de C.V.
2024-10-29	Berridge Manufacturing Co.
2024-10-28	K&S Tool & Mfg Co.
2024-10-28	Basilio Advogados
2024-10-28	CHRISTODOULOS G. VASSILIADES & CO. LLC
2024-09-22	hanwa.co.th
2024-08-28	rmn.fr
2024-08-27	ghanare.com
2024-08-21	beinlaw.co.il - Prof. Bein & Co.
2024-08-17	tiendasmacuto.com
2024-08-12	fabamaq.com
2024-08-12	cyceron.fr
2024-07-25	Sherbrooke Metals
2024-07-25	Apex Global \| Big leak outlooks - 2tb.
2024-07-25	Cole Technologies Group
2024-07-25	Family Wealth Advisors Ltd.
2024-07-25	Mars 2 LLC
2024-07-03	Kominfo - 2	Very expensive advertising.
2024-07-03	Your advertisement	Space for your advertising.
2024-07-02	Kominfo	More important than money, only honor.