Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Timc

| Active

TiMc is a ransomware group that emerged in early 2026, claiming high-impact attacks against Spanish IT services leader Seidor (1 TB+ data) and oncology organization Oncologica (100 GB+), targeting Business Services, Healthcare, and IT sectors with a focus on Spanish-speaking and European targets.

Victims
3
 
First Discovered
2026-04-09
victim
Last Discovered
2026-04-09
victim
Inactive Since
34
days
Avg Delay
N/A
attack→claim
Infostealer
33.3%
victims with domain
Countries
3
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Pixel Dashboard Yes 2026-05-13T20:05:40 NGINX nginx 1.18.0 rzzfiwoop67jrxadngcy7nvjm7suwtrjznview63ooowqfsm5sq7gmqd.onion
Target
Top 5 Activity Sectors
  • Healthcare 1
  • Business Services 1
  • Manufacturing 1
Top 5 Countries
  • GB flag United Kingdom 1
  • ES flag Spain 1
  • AR flag Argentina 1
Heatmap
YARA Rules (1)
Victims (3)
Logo
oncologica GB
Timc
Discovered: 2026-04-09 (1mo ago)
We breached into their intranet and have total control of it , with 1TB+ data exfiltrated including …
Logo
Seidor ES
Timc
Discovered: 2026-04-09 (1mo ago)
On behalf of A IT solution company , the first response to the data breach was trying to cover the t…
Logo
Debene S.A. | Página Principal AR
Timc
Discovered: 2026-04-09 (1mo ago)
We've taken down their DC and FS, 100GB+ of the data including PII, Trade record and Full 20GB+ MySQ…