Threat Actor Profile
Low Cybercriminal
Description

Our team members are from different countries and we are not interested in anything else, we are only interested in dollars. We do not allow CIS, Cuba, North Korea and China to be targeted. Re-attacks are not allowed for target companies that have already made payments. We do not allow non-profit hospitals and some non-profit organizations be targeted.

Confidence Score
100%
Tags
ransomware ransomware.live
First Seen

Unknown

Last Updated

Unknown

Active Status
Active
Created

April 29, 2026

Indicators of Compromise

Loading IOCs…

IOC KQL for Sentinel
STIX Data 
{'added_date': '2025-01-24',
 'client': '2003264@sit.singaporetech.edu.sg',
 'description': 'Our team members are from different countries and we are not '
                'interested in anything else, we are only interested in '
                'dollars. We do not allow CIS, Cuba, North Korea and China to '
                'be targeted. Re-attacks are not allowed for target companies '
                'that have already made payments. We do not allow non-profit '
                'hospitals and some non-profit organizations be targeted.',
 'firstseen': '2025-01-24T16:40:28.062253+00:00',
 'group': 'GDLockerSec',
 'has_negotiations': False,
 'has_ransomnote': False,
 'lastseen': '2025-01-26T19:28:20.980167+00:00',
 'locations': [{'available': False,
                'fqdn': 'igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion',
                'slug': 'http://igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion',
                'title': 'Index of /',
                'type': 'DLS'}],
 'negotiation_count': 0,
 'ransomnotes_count': 0,
 'tiaras_metadata': {'has_negotiations': False,
                     'has_ransomnote': False,
                     'locations': [{'available': False,
                                    'fqdn': 'igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion',
                                    'slug': 'http://igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion',
                                    'title': 'Index of /',
                                    'type': 'DLS'}],
                     'negotiation_count': 0,
                     'ransomnotes_count': 0,
                     'ransomware_live_group': 'gdlockersec',
                     'tools': {},
                     'url': 'https://www.ransomware.live/group/gdlockersec',
                     'victims': 5,
                     'vulnerabilities': []},
 'tiaras_source': 'ransomware.live',
 'tools': {},
 'ttps': [],
 'url': 'https://www.ransomware.live/group/gdlockersec',
 'victims': 5,
 'vulnerabilities': []}
Quick Actions
Back to Threat Actors
Dashboard Home