Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

D1r

| Active

Suspicious group

Victims
3
 
First Discovered
2026-07-13
victim
Last Discovered
2026-07-13
victim
Inactive Since
0
days
Avg Delay
N/A
attack→claim
Infostealer
100.0%
victims with domain
Countries
3
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
3 victims this month

Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Items – D1R Yes 2026-07-13T23:46:33 NGINX nginx 1.22.1 — PHP PHP 8.2.12 dirone3rl3vvq64ckcnrvhe2ogrhjrwu5u7hqzrlotu3rfvmqmmbsuqd.onion/items

Target
Top 5 Activity Sectors
  • Technology 2
  • Manufacturing 1
Top 5 Countries
  • DE flag Germany 1
  • GB flag United Kingdom 1
  • US flag United States 1

Heatmap

Indicators of Compromise (IoCs) (2)
telegram 1 tox 1
Type IOC
telegram https://t.me/Qqqqqqops
tox 063719AF013AD4EE89B497701BA5916898D70F45543C39E41154C4BCAC3A2F26F57913B31431

Victims (3)
Logo
Discovered: 2026-07-13 (12h ago)
Again, thanks to database Synopsys provided us with After analyzing technical leaks by other groups …
Logo
Discovered: 2026-07-13 (12h ago)
Thanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-refe…
Logo
Discovered: 2026-07-13 (12h ago)
Data, Leak…