Ransomware Victims API
Vysion monitors ransomware activity on the darknet, providing comprehensive data about detected victims. This API allows you to search for and retrieve information about ransomware victims.
Search for Ransomware Victims
Section titled “Search for Ransomware Victims”Search through the ransomware victims database using various filters.
GET
/api/v2/victim/searchParameters
Section titled “Parameters”| Name | Type | Required | Description |
|---|---|---|---|
q | string | No | Search query string |
gte | string | No | Date filter (≥). Formats: Unix timestamp, YYYY-MM-DD, or YYYY-MM-DDThh:mm:ss |
lte | string | No | Date filter (≤). Formats: Unix timestamp, YYYY-MM-DD, or YYYY-MM-DDThh:mm:ss |
page | integer | No | Page number for pagination |
page_size | integer | No | Results per page (default: 10) |
group | string | No | Filter by ransomware perpetraitor |
network | string | No | Filter by network type |
country | string | No | Filter by victim’s country |
language | string | No | Filter by language |
sector | string | No | Filter by industry sector |
Example Requests
Section titled “Example Requests”curl "https://api.vysion.ai/api/v2/victim/search?q=american&page=1" \ --header 'Accept: application/json' \ --header 'x-api-key: YOUR_API_KEY'from vysion import client
c = client.Client(api_key="YOUR_API_KEY")result = c.search_ransomware_victim("american")
for hit in result: print(hit)Response
Section titled “Response”{ "data": { "total": 25, "hits": [ { "page": { "id": "64abc305e7f72075c8b582c2", "url": { "url": "http://example.onion/victims", "networkProtocol": "http", "domainName": "example.onion", "port": 80, "path": "/victims", "signature": "88fef6f3-fdb6-486d-87e1-c7ae0750df94", "network": "tor" }, "foundAt": "2023-07-01T10:30:00Z", "pageTitle": "Recent Victims", "language": "en", "html": "<html>...</html>", "text": "Company victim information...", "sha1sum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "sha256sum": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "ssdeep": "3:a+JrJL:aJrJL", "detectionDate": "2023-07-01T10:30:00Z", "screenshot": "base64_encoded_screenshot", "chunk": false }, "tag": [ { "namespace": "ransomware", "predicate": "victim", "value": "confirmed" } ], "ransomwareGroup": "Conti", "companyName": "American Manufacturing Corp", "companyAddress": "123 Industrial Blvd, Detroit, MI", "companyLink": "https://americanmfg.com", "country": "United States", "naics": "3363", "industry": "Motor Vehicle Parts Manufacturing" } ] }, "error": null}Get Ransomware Victim by ID
Section titled “Get Ransomware Victim by ID”Retrieve a specific ransomware victim record by its unique identifier.
GET
/api/v2/victim/{id}Parameters
Section titled “Parameters”| Name | Type | Required | Description |
|---|---|---|---|
id | string | Yes | Victim record ID |
Example Requests
Section titled “Example Requests”curl "https://api.vysion.ai/api/v2/victim/64abc305e7f72075c8b582c2" \ --header 'Accept: application/json' \ --header 'x-api-key: YOUR_API_KEY'from vysion import client
c = client.Client(api_key="YOUR_API_KEY")result = c.get_ransomware_victim("64abc305e7f72075c8b582c2")print(result)Victim Data Fields
Section titled “Victim Data Fields”Each ransomware victim record contains the following information:
| Field | Type | Description |
|---|---|---|
ransomwareGroup | string | Name of the ransomware group responsible |
companyName | string | Name of the victim company |
companyAddress | string | Physical address of the company |
companyLink | string | Company website URL |
country | string | Country where the company is located |
naics | string | NAICS industry classification code |
industry | string | Industry sector description |
page | object | Associated page/document information |
tag | array | Classification tags |
Industry Sectors
Section titled “Industry Sectors”Common industry sectors found in ransomware victim data:
- Manufacturing: Automotive, Electronics, Machinery
- Healthcare: Hospitals, Medical Practices, Pharmaceuticals
- Finance: Banks, Insurance, Investment Firms
- Education: Schools, Universities, Training Centers
- Government: Municipal, State, Federal Agencies
- Technology: Software, IT Services, Telecommunications
- Retail: Stores, E-commerce, Distribution
- Energy: Oil & Gas, Utilities, Renewable Energy
Response Status Codes
Section titled “Response Status Codes”| Status | Meaning | Description |
|---|---|---|
| 200 | OK | Successful response |
| 401 | Unauthorized | Invalid or missing API key |
| 404 | Not Found | Victim record not found |
| 422 | Unprocessable Entity | Validation error |
| 429 | Too Many Requests | Rate limit exceeded |