Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Pay2key

Pay2Key is ransomware that has been used by the threat actor Fox Kitten. The group seems to operate since July 2020, targetting mainly Israeli companies. Pay2Key has a darknet leak site to public stolen and sensitive information of their victims. Some of their victims: Intel - Habana Labs, IAI - Israel Aerospace Industries, Portnox - Network Security Solutions.
External information

Victims
 

7

First Discovered
victim

2020-12-13

Last Discovered
victim

2021-09-09

Avg Delay
between attack and claim

N/A

Infostealer
for victim with domain

N/A

View Victims on World Map

View group statistics

Known Locations (1)
Favicon Title Type Available Last Visit FQDN
favicon Pay2Key Leak Directory! No 2025-06-01 21:19:12 pay2key2zkg7arp3kv3cuugdaqwuesifnbofun4j6yjdw5ry7zw2asid.onion
Target (Available)
Top 5 Activity Sectors
  • Information Technology 1
Top 5 Countries
  • IL flag Israel 1
Heatmap (Available)
Ransom Notes (0)

No ransom notes available.

Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (0)

No IoCs available for this group.

Victims (7)
Logo
MT-LAW [Markman&Tomashin Law Firm] Pay2key
Discovery Date: 2021-09-09
N/A
Logo
INTER - InterElectric Pay2key
Discovery Date: 2021-09-09
N/A
Logo
InfiApps - Joyvoo Pay2key
Discovery Date: 2021-09-09
N/A
Logo
Intel - Habana Labs Pay2key
Discovery Date: 2021-09-09
N/A
Logo
IAI - Israel Aerospace Industries Pay2key
Discovery Date: 2021-09-09
N/A
Logo
Portnox - Network Security Solutions Pay2key
Discovery Date: 2021-09-09
N/A
Logo
Habana Labs Pay2key
Discovery Date: 2020-12-13
N/A
IL