Holyghost
HolyGhost (tracked by Microsoft as DEV-0530) is a North Korean state-linked ransomware group active since June 2021, associated with the Andariel threat group, targeting small to mid-sized businesses in financial services, manufacturing, education, and entertainment globally.
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
HolyGhost | No | 2026-04-28T07:24:09 |
matmq3z3hiovia3voe2tix2x54sghc3tszj74xgdy4tqtypoycszqzqd.onion
|