Skip to content
  • There are no suggestions because the search field is empty.

Ransomware API Introductory Guide

The Ransomware endpoint allows you query for organization mentions or other attributes, filtered to a selection of Ransomware as a Service (RaaS) websites and blogs.

Base Search Fields

At least one Base Search field (see table below) must be used with all searches.

  • Base search fields accept letters, numbers, special characters, and operators. Wildcards are generally allowed, except for leading wildcards.
  • Up to 10 Base Search fields can be used in a single query.

Base Search Fields

Example

Description
org_name  Mega Corp Use to look for mentions of an organization’s name.
org_domain megacorp.net Use to look for mentions of an organization’s domain or URLs containing the organization’s domain. Be sure to specify the domain portion only (i.e. megacorp.com) and not a full URL (i.e. https://megacorp[dot]com).
contact_name Cecilia Young A first and last name. Use to look for mentions of a CEO or key executives mentioned on ransomware sites.
keyword bitcoin This field supports either a word or a phrase. Phrases do not need to be in quotations