Braincipher
Brain Cipher emerged in July 2024. Both Windows and Linux variants are available. Brain Cipher using the leaked build of LockBit Black for their operations. The group suspected to have exploited CVE-2023-28252 (Microsoft Windows CLFS Driver Privilege Escalation Vulnerability). The Ransom demand ranges from $150,000 to $1,00,0000. Demand to be paid with Monero (XMR) cryptocurrency. In 2025, they have shifted their new Negotiation portal to new server with vanity TOR Domain starting with 'brain'.
Victims
44
First Discovered
2024-07-01
victim
Last Discovered
2025-10-29
victim
Inactive Since
160
days
Avg Delay
43.5
days
Infostealer
27.5%
victims with domain
Known Locations (8)
Target (Available)
Top 5 Activity Sectors
- Business Services 8
- Manufacturing 7
- Technology 6
- Healthcare 3
- Financial 2
Top 5 Countries
-
United States
8
-
France
5
-
Mexico
4
-
Spain
3
-
Israel
2
Heatmap (Available)
Ransom Notes (3)
Tools Used (Not Available)
No tools used available.
Vulnerabilities Exploited (0)
No vulnerabilities exploited available.
TTPs Matrix (4)
| Execution | Defense Evasion | Discovery | Impact |
|---|---|---|---|
| User Execution | Impair Defenses: Disable or Modify Tools | File and Directory Discovery | Data Encrypted for Impact |
| Indicator Removal: File Deletion |
Negotiation Chats (0)
No negotiation chats available.
YARA Rules (0)
No YARA rules available.
Indicators of Compromise (IoCs) (15)
EMAIL
3
MD5
12
Victims (44)
[AI generated] Oxford County represents the best of both worlds: urban communities full of life, ent…
[AI generated] "Jorgefernandez.es" is a Spain-based company engaged in the distribution of home impr…
[AI generated] D'Decor is a leading home decor company known for its innovative and stylish range of…
[AI generated] Ruizre.es is a real estate company based in Valencia, Spain that specializes in prope…
[AI generated] Sound Transit, operating under the domain "soundtransit.org", is a mass transit agenc…
[AI generated] "Valedolobo.com" is the online platform for the Vale do Lobo resort located in Portug…
[AI generated] Edisoft is a Spanish technological company specializing in development and implementa…
Provides support and resources for health, financial aid, and social services in Rhode Island.…
[AI generated] Modern Dental Group Limited is a global dental service provider headquartered in Hong…
[AI generated] Estar Seguros, S.A. is an insurance company that specializes in providing a range of …
[AI generated] Cristal y Lavisa S.A. de C.V. is a Mexican company specializing in the production and…
[AI generated] Deloitte UK is a leading professional services firm, part of the global Deloitte netw…
[AI generated] Royce Corporation is a global trading company specializing in the distribution and ma…
[AI generated] G-ONE Auto Parts de México, S.A. de C.V. is a company based in Mexico specializing in…
[AI generated] COOPERATIVA TELEFONICA DE CALAFATE LTD. is a telecommunications cooperative based in …
[AI generated] G-One Auto Parts de México S.A. de C.V. is a Mexican company specializing in the dist…
[IA generated] Berridge Manufacturing Co. specializes in the production of high-quality metal roofin…
[IA generated] K&S Tool & Mfg Co. is a company specializing in precision manufacturing and tooling s…
[IA generated] Basilio Advogados is a prominent law firm based in Brazil, known for its expertise in…
[IA generated] CHRISTODOULOS G. VASSILIADES & CO. LLC is a prominent law firm based in Cyprus, speci…
Hanwa Co., Ltd. (Thailand) is a subsidiary of Hanwa Co., Ltd., a Japan-based global trading company.…
Réunion des Musées Nationaux-Grand Palais (RMN-GP) is a French cultural institution dedicated to man…
Ghanare.com is an online platform dedicated to providing comprehensive real estate services in Ghana…
Prof. Bein & Co., accessible via beinlaw.co.il, is a reputable law firm based in Israel. It speciali…
Tiendasmacuto.com is an online retail store specializing in outdoor and adventure gear. They offer a…
