This group has no curated TTPs. An AI-ESTIMATED (unconfirmed) MITRE mapping can be generated from its description/notes, only on request.
Defensive detection signature for this group (use it in your EDR/SIEM). Source: ransomware.live.
```yara
/*
   ElDorado ransomware (Go-based, ESXi)
*/
rule ElDorado_Ransomnote
{
    meta:
        author = "ransomware.live"
        family = "ransomware.eldorado"
        description = "Detects ElDorado ransomware ransom note"
        date = "2026-05-04"
        severity = 7
        score = 70
    strings:
        $s1 = "ElDorado" ascii nocase
        $s2 = "ELDORADO" ascii
        $s3 = "eldorado.onion" ascii nocase
        $s4 = "HOW_TO_RECOVER.txt" ascii nocase
    condition:
        any of them
}
```
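
A stricter companion to the rule above, as an added example that is not from ransomware.live: `any of them` fires on any file containing the bare family name, so this variant keys on phrases copied from the ransom note text shown on this page. The rule name, the 64 KB size limit and the 3-of-6 threshold are assumptions.

```yara
rule ElDorado_Ransomnote_Phrases_Example
{
    meta:
        description = "Added example: matches the ransom note by its wording, not by the family name alone"
        note = "Not from ransomware.live; phrases copied from the note text on this page; size limit and threshold are assumptions"
    strings:
        // Phrases taken verbatim from the note reproduced on this page
        $p1 = "To the board of directors" ascii wide
        $p2 = "So we decided to change our business model" ascii wide
        $p3 = "Your files are currently encrypted with our tailor made state of the art algorithm" ascii wide
        $p4 = "Your Decryption keys will be permanently destroyed in 3 Days" ascii wide
        $p5 = "All your Data will be published in 7 Days" ascii wide
        $p6 = "hire third-party negotiators" ascii wide
    condition:
        // A ransom note is a small text file; requiring several phrases
        // keeps one reused sentence from triggering a match on its own
        filesize < 64KB and 3 of ($p*)
}
```

Run it alongside the original rule rather than instead of it, since the note wording can change between campaigns.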
To the board of directors.
Your network has been attacked through various vulnerabilities found in your system.
We have gained full access to the entire network infrastructure.
All your confidential information about all employees and all partners and developments has been downloaded to our servers and is located with us.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Our team has an extensive background in legal and so called white hat hacking.
However, clients usually considered the found vulnerabilities to be minor and poorly
paid for our services.
So we decided to change our business model. Now you understand how important it is
to allocate a good budget for IT security.
This is serious business for us and we really don't want to ruin your privacy,
reputation and a company.
We just want to get paid for our work whist finding vulnerabilities in various networks.
Your files are currently encrypted with our tailor made state of the art algorithm.
Don't try to terminate unknown processes, don't shutdown the servers, do not unplug drives,
all this can lead to partial or complete data loss.
We have also managed to download a large amount of various, crucial data from your network.
A complete list of files and samples will be provided upon request.
We can decrypt a couple of files for free. The size of each file must be no more than 5 megabytes.
All your data will be successfully decrypted immediately after your payment.
You will also receive a detailed list of vulnerabilities used to gain access to your network.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
If you refuse to cooperate with us, it will lead to the following consequences for your company:
1. All data downloaded from your network will be published for free or even sold
2. Your system will be re-attacked continuously, now that we know all your weak spots
3. We will also attack your partners and suppliers using info obtained from your network
4. It can lead to legal actions against you for data breaches
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
!!!!Instructions for contacting our team!!!!
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
---> Download and install TOR browser from this site : [redacted]
---> For contact us via LIVE CHAT open our website : [redacted]
---> If Tor is restricted in your area, use VPN
---> All your Data will be published in 7 Days if NO contact made
---> Your Decryption keys will be permanently destroyed in 3 Days if no contact made
---> Your Data will be published if you will hire third-party negotiators to contact us

Energy, Utilities & Waste · Argentina · 638 Employees
HASA (Hidrocarburos Argentinos SA) is a company that operates in the Energy, Utilities & Waste industry. It employs 500 to 999 people and has 25M to 50M of revenue. The company is headquartered in Buenos Aires, Buenos Aires F.D., Argentina. Revenue $35.1 Million

Grocery Retail · Peru · 347 Employees
Control Union Perú SAC is a company that operates in the Grocery Retail industry. It employs 250 to 499 people and has 10M to 25M of revenue. The company is headquartered in Miraflores, Lima region, Peru. Revenue $19.1 Million

| Organization | Country | Sector | Group | Discovered |
|---|---|---|---|---|
| HIDROCARBUROS ARGENTINOS S.A. | AR | Energy | — | 4 Jan 2025 |
| Perú Controls S.A.C. | PE | Manufacturing | — | 4 Jan 2025 |
| Data Campos Sistemas | BR | Technology | — | 18 Nov 2024 |
| datacampos.com | BR | Technology | — | 30 Sep 2024 |
| www.datacampos.com | UY | Agriculture and Food Production | — | 23 Sep 2024 |

The addresses of the leak sites (.onion) are known but are not published or linked. Only public metadata is shown.

A commitment to innovation and sustainability Études is a pioneering company that seamlessly unites creativity and functionality to redefine architectural excellence.
Datacampos.com is a company specializing in data management and analytics solutions. They offer services that help businesses harness the power of their data through advanced tools and technologies. Their expertise includes data visualization, data integration, and predictive analytics, aimed at driving informed decision-making and operational efficiency across various industries.
DataCampos specializes in advanced data solutions, offering comprehensive services such as data analytics, management, and visualization. The company leverages cutting-edge technology to help businesses optimize their data processes, drive decision-making, and enhance operational efficiency. With a focus on innovation and customer satisfaction, DataCampos delivers tailored solutions to meet diverse industry needs.