Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Pay2key

Pay2Key is ransomware that has been used by the threat actor Fox Kitten. The group seems to operate since July 2020, targetting mainly Israeli companies. Pay2Key has a darknet leak site to public stolen and sensitive information of their victims. Some of their victims: Intel - Habana Labs, IAI - Israel Aerospace Industries, Portnox - Network Security Solutions.
External information

Victims
7
 
First Discovered
2020-12-13
victim
Last Discovered
2021-09-09
victim
Inactive Since
4yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
1
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Pay2Key Leak Directory! No 2026-04-28T07:25:39 pay2key2zkg7arp3kv3cuugdaqwuesifnbofun4j6yjdw5ry7zw2asid.onion
Target
Top 5 Activity Sectors
  • Technology 4
  • Business Services 1
  • Energy 1
  • Manufacturing 1
Top 5 Countries
  • IL flag Israel 1
Heatmap
YARA Rules (1)
Victims (7)
Logo
MT-LAW [Markman&Tomashin Law Firm]
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
INTER - InterElectric
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
InfiApps - Joyvoo
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
Intel - Habana Labs
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
IAI - Israel Aerospace Industries
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
Portnox - Network Security Solutions
Pay2key
Discovered: 2021-09-09 (4y ago)
No description available
Logo
Habana Labs IL
Pay2key
Discovered: 2020-12-13 (5y ago)
No description available