Pay2Key Ransomware: New Strategy, Higher Payouts, and Western Target Worries!

Pay2Key ransomware is raising eyebrows and affiliate payouts. The gang, with ties to Iran, has re-emerged targeting Western organizations with an 80% profit-sharing scheme. Their new variant, Pay2Ket.I2P, is making waves on the Dark Web, proving that when it comes to ransomware, Pay2Key isn’t just playing for peanuts!

3P
Published: July 11, 2025 9:03 pmAdded: July 11, 2025 at 2:13 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Brace yourselves, folks! Pay2Key is back in the cyber game, and they’ve upped the stakes by offering a juicy piece of the ransom pie to their affiliates. It’s like a cybercrime bake sale, and the gang’s got their eyes set on the West. Just when you thought it was safe to open suspicious emails again…

Key Points:

– Pay2Key, tied to Iranian threat group Fox Kitten, resurfaces with a new strategy.
– Offering affiliates 80% profit-sharing for attacks on “enemies of Iran.”
– Introduced a new Linux-targeted ransomware build to broaden attacks.
– Shifted to using I2P for ransom portals, shifting away from Tor.
– Conducted a marketing blitz to attract affiliates on Russian and Chinese Dark Web forums.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?