Ransomware Group:  
Babuk2
 / 
Babuk



Sponsored by Hudson RockUse Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business


Sites | Activity | Worldmap | Victims (179)

Babuk Locker 2.0, also known as Bjorka or SkyWave, after failing to make any profit from selling public databases on forums, decided to impersonate Babuk Ransomware group. He launched a blog where he claimed multiple public breaches from BreachForums as ransomware attacks


Sites

Favicon Title Type Available Last Visit FQDN Screenshot
Babuk - Leaks site 🔴 2025-03-10 11:24:11.251949 7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion N/A
Babuk - Leaks site 🔴 2025-04-09 04:00:22.614993 bxwu33iefqfc3rxigynn3ghvq4gdw3gxgxna5m4aa3o4vscdeeqhiqad.onion N/A

Activity over time

Worldmap

179 Victims

TR flag

turkish defense military 

Company logo
Ransomware Group:

Discovery Date: 2025-04-04 06:52

turkish defense military

Victim:   |  Group: 
DE flag

rheinmetall.com (Rheinmetall Defence) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-04 06:51

rheinmetall.com (Rheinmetall Defence)

Victim:   |  Group: 
IN flag

gangotreehomes.com (RealEstate) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 23:28

Sector: Not Found
gangotreehomes.com (RealEstate)

Victim:   |  Group: 
 flag

Secret plans of Indian army 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 23:28

Sector: Not Found
Secret plans of Indian army

Group: 
BD flag

Bangladesh Armed Forces (BangLadesh Army) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 23:27

Bangladesh Armed Forces (BangLadesh Army)

Group: 
SA flag

Saudi Arabian military and government internal center 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 23:26

Saudi Arabian military and government internal center

Group: 
GR flag

Hellenic Airforce 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 23:26

Hellenic Airforce

Group: 
SG flag

ezbuy.sg (Singapore Shopping) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 21:53

ezbuy.sg (Singapore Shopping)

Victim:   |  Group: 
IR flag

Iran gas service system 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 21:52

Sector: Energy
Iran gas service system,

Victim:   |  Group: 
LB flag

kfar hatta medical center - Lebanon 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 21:51

Sector: Healthcare
kfar hatta medical center - Lebanon

Victim:   |  Group: 
IT flag

Polizia italia mail access 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 03:20

Polizia italia mail access

Victim:   |  Group: 
SG flag

zalora.sg (Singapore Shopping) 

Company logo
Ransomware Group:

Discovery Date: 2025-04-03 03:19

zalora.sg (Singapore Shopping)

Victim:   |  Group: 
ES flag

ascires.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-02 20:18
Estimated Attack Date: 2024-10-11

Sector: Healthcare
ascires.com

ascires.com has been previously claimed by Stormous for an attack estimated on 2024-10-11.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-04-02

Victim:   |  Group: 
US flag

aosense.com - AO Sense INC. 

Company logo
Ransomware Group:

Discovery Date: 2025-04-02 20:16

Sector: Technology
aosense.com - AO Sense INC.

Victim:   |  Group: 
DK flag

dardoc.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-02 20:15
Estimated Attack Date: 2024-11-25

Sector: Not Found
dardoc.com

dardoc.com has been previously claimed by Killsec for an attack estimated on 2024-11-25.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-04-02

Victim:   |  Group: 
BD flag

navy-mil-bd 

Company logo
Ransomware Group:

Discovery Date: 2025-04-02 18:47

navy-mil-bd

Victim:   |  Group: 
IN flag

drdo.gov.in 

Company logo
Ransomware Group:

Discovery Date: 2025-04-02 01:49

drdo.gov.in

Victim:   |  Group: 
BR flag

uniproof.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-04-01 21:17

Sector: Not Found
uniproof.com.br

Victim:   |  Group: 
CA flag

(UPDATE) - whitecapcanada.com 

Company logo
Ransomware Group:

Discovery Date: 2025-04-01 16:52

Sector: Technology
(UPDATE) - whitecapcanada.com

Victim:   |  Group: 
ID flag

pln.co.id - PLN INDONESIA 

Company logo
Ransomware Group:

Discovery Date: 2025-03-31 17:24

Sector: Energy
pln.co.id - PLN INDONESIA

Victim:   |  Group: 
RW flag

moh.gov.rw 

Company logo
Ransomware Group:

Discovery Date: 2025-03-31 17:23

moh.gov.rw

Victim:   |  Group: 
US flag

iDRAC (Integrated Dell Remote Access Controller) management interface for Dell servers 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 16:24

Sector: Technology
iDRAC (Integrated Dell Remote Access Controller) management interface for Dell servers

Victim:   |  Group: 
UK flag

elsoms.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 02:50
Estimated Attack Date: 2024-09-07

elsoms.com

elsoms.com has been previously claimed by Meow for an attack estimated on 2024-09-07.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-29

Victim:   |  Group: 
BR flag

brune.com.br - Group MC (conglomerate) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 02:49

Sector: Not Found
brune.com.br - Group MC (conglomerate)

Victim:   |  Group: 
OM flag

towellengineering.net 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 02:48
Estimated Attack Date: 2024-08-15

towellengineering.net

towellengineering.net has been previously claimed by Ransomhub for an attack estimated on 2024-08-15.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-29

Victim:   |  Group: 
CO flag

icvc.co - Instituto Cardiovascular del Cesar 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 02:46

Sector: Healthcare
icvc.co - Instituto Cardiovascular del Cesar

icvc.co - Instituto Cardiovascular del Cesar has been previously claimed by Ransomhub for an attack estimated on 2024-08-31.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-29

Victim:   |  Group: 
IL flag

modiin-ezrachi.co.il 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 01:23
Estimated Attack Date: 2024-10-12

Sector: Not Found
modiin-ezrachi.co.il

modiin-ezrachi.co.il has been previously claimed by Meow for an attack estimated on 2024-10-12.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-29

Victim:   |  Group: 
 flag

La Futura 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 01:22

Sector: Not Found
La Futura

Victim:   |  Group: 
US flag

Atlantic Coast Consulting Inc 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 01:20

Sector: Not Found
Atlantic Coast Consulting Inc

Victim:   |  Group: 
 flag

theeyeclinicsurgicenter.com - The Eye Clinic Surgicenter company 

Company logo
Ransomware Group:

Discovery Date: 2025-03-29 01:19

Sector: Healthcare
theeyeclinicsurgicenter.com - The Eye Clinic Surgicenter company

Victim:   |  Group: 
IN flag

leadzen.ai 

Company logo
Ransomware Group:

Discovery Date: 2025-03-28 17:54

Sector: Technology
leadzen.ai

Victim:   |  Group: 
US flag

healthcasts.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-28 17:53

Sector: Healthcare
healthcasts.com

Victim:   |  Group: 
US flag

pureincubation.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-28 17:51

Sector: Technology
pureincubation.com

Victim:   |  Group: 
UZ flag

unired.uz 

Company logo
Ransomware Group:

Discovery Date: 2025-03-28 14:50

Sector: Not Found
unired.uz

Victim:   |  Group: 
PK flag

nadra.gov.pk - NADRA official Of Pakistan Army & (Andhra Pradesh) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-27 07:51

nadra.gov.pk - NADRA official Of Pakistan Army & (Andhra Pradesh)

Victim:   |  Group: 
GB flag

heras.co.uk 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 22:58
Estimated Attack Date: 2024-05-29

heras.co.uk

heras.co.uk has been previously claimed by Lockbit3 for an attack estimated on 2024-05-29.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-26

Victim:   |  Group: 
US flag

alliedwoundcare.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 22:57
Estimated Attack Date: 2024-01-12

Sector: Healthcare
alliedwoundcare.com

alliedwoundcare.com has been previously claimed by Everest for an attack estimated on 2024-01-12.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-26

Victim:   |  Group: 
RU flag

crimsgroup.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 22:55

Sector: Not Found
crimsgroup.com

Victim:   |  Group: 
IQ flag

aman-iraq.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 22:54

Sector: Not Found
aman-iraq.com

Victim:   |  Group: 
IQ flag

mot.gov.iq - Iraqi Ministry of Commerce (Of Trade) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 13:14

mot.gov.iq - Iraqi Ministry of Commerce (Of Trade)

Victim:   |  Group: 
IL flag

israel Infrastructure & Secret Documents intelligence information 

Company logo
Ransomware Group:

Discovery Date: 2025-03-26 13:13

Sector: Not Found
israel Infrastructure & Secret Documents intelligence information

Victim:   |  Group: 
TR flag

kalesavunma.com - KALE SAVUNMA. 

Company logo
Ransomware Group:

Discovery Date: 2025-03-25 22:54

kalesavunma.com - KALE SAVUNMA.

Victim:   |  Group: 
SK flag

airexplore.aero 

Company logo
Ransomware Group:

Discovery Date: 2025-03-24 21:24

airexplore.aero

Victim:   |  Group: 
ES flag

iberdrola.com (Spain energy) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-24 19:55

Sector: Energy
iberdrola.com (Spain energy)

Victim:   |  Group: 
RU flag

Synesis Surveillance System 

Company logo
Ransomware Group:

Discovery Date: 2025-03-22 14:54

Sector: Technology
Synesis Surveillance System

Victim:   |  Group: 
GB flag

inmarsat.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-22 11:54

inmarsat.com

Victim:   |  Group: 
JP flag

jp-property.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-22 11:52

Sector: Not Found
jp-property.com

Victim:   |  Group: 
SA flag

armetal.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-21 19:49

armetal.com

Victim:   |  Group: 
US flag

The Ticktin Law Group 

Company logo
Ransomware Group:

Discovery Date: 2025-03-21 07:23

The Ticktin Law Group By Babuk Locker 2.0

Victim:   |  Group: 
MY flag

Mpaj.gov.my 

Company logo
Ransomware Group:

Discovery Date: 2025-03-21 07:22

Mpaj.gov.my

Victim:   |  Group: 
 flag

exostar.com TOP Defense AS 

Company logo
Ransomware Group:

Discovery Date: 2025-03-21 02:53

Sector: Technology
exostar.com TOP Defense AS

Victim:   |  Group: 
PK flag

Standard Capital Securities (Pvt) Backoffice - Pakistan Stock Market Data Vault 

Company logo
Ransomware Group:

Discovery Date: 2025-03-21 01:22

Standard Capital Securities (Pvt) Backoffice - Pakistan Stock Market Data Vault

Victim:   |  Group: 
CN flag

mohrss.gov.cn ( Ministry of Human Resources and Social Security ) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 23:53

mohrss.gov.cn ( Ministry of Human Resources and Social Security )

Victim:   |  Group: 
US flag

amazon.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 23:52

Sector: Technology
amazon.com

Victim:   |  Group: 
FR flag

fr.sodexo.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 13:57

fr.sodexo.com

Victim:   |  Group: 
QA flag

Corporate access, up to Shipping Apps in QATAR 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 13:55

Corporate access, up to Shipping Apps in QATAR

Victim:   |  Group: 
QA flag

woqod.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 13:54

Sector: Energy
woqod.com

Victim:   |  Group: 
TH flag

mof.go.th - Ministry of Finance (Thailand) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 13:53

mof.go.th - Ministry of Finance (Thailand)

Victim:   |  Group: 
TH flag

smic.mi.th (Thailand Intelligence Agency) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-20 09:23

smic.mi.th (Thailand Intelligence Agency)

Victim:   |  Group: 
VE flag

www.gob.ve 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 19:58

www.gob.ve

Victim:   |  Group: 
TH flag

Access Panel Financial Technology Company (Thailand) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 19:57

Sector: Technology
Access Panel Financial Technology Company (Thailand)

Victim:   |  Group: 
US flag

United States County Palm Beach Goverment 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 19:56

United States County Palm Beach Goverment

Victim:   |  Group: 
BR flag

Municipal taxation Secretariat Access - Brazil Goverment 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 19:55

Municipal taxation Secretariat Access - Brazil Goverment

Victim:   |  Group: 
CN flag

Intelligence Bureau of the Joint Staff Department of the Central Military Commission... 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 18:28

Intelligence Bureau of the Joint Staff Department of the Central Military Commission China

Victim:   |  Group: 
MY flag

rac.gov.my 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 18:26

rac.gov.my

Victim:   |  Group: 
IN flag

nimapinfotech.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-19 18:25

Sector: Technology
nimapinfotech.com

Victim:   |  Group: 
IT flag

esaote.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 18:27

Sector: Healthcare
esaote.com

Victim:   |  Group: 
TH flag

nstda.or.th 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 18:26

Sector: Technology
nstda.or.th

Victim:   |  Group: 
ID flag

kominfo.go.id 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 18:24
Estimated Attack Date: 2024-07-01

kominfo.go.id

kominfo.go.id has been previously claimed by Braincipher for an attack estimated on 2024-07-01.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-18

Victim:   |  Group: 
ID flag

pajak.go.id 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 18:23

pajak.go.id

Victim:   |  Group: 
ID flag

dukcapil.kemendagri.go.id (SIAK DUKCAPIL MINISTRY OF HOME AFFAIRS OF INDONESIA) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 18:22

dukcapil.kemendagri.go.id (SIAK DUKCAPIL MINISTRY OF HOME AFFAIRS OF INDONESIA)

Victim:   |  Group: 
CA flag

whitecapcanada.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 15:24

Sector: Technology
whitecapcanada.com

Victim:   |  Group: 
US flag

hcahealthcare.com INC. 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 13:47

Sector: Healthcare
hcahealthcare.com INC.

Victim:   |  Group: 
US flag

sp.tnitelecom.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 12:23

sp.tnitelecom.com

Victim:   |  Group: 
US flag

Otelier.io 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 12:21

Sector: Technology
Otelier.io

Victim:   |  Group: 
US flag

highwirepress.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-18 07:45

Sector: Technology
highwirepress.com

Victim:   |  Group: 
CN flag

taobao.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-17 02:51

Sector: Technology
taobao.com

Victim:   |  Group: 
CN flag

This entry has been removed following a request from the company 

Company logo
Ransomware Group:

Discovery Date: 2025-03-17 02:50

Sector: Technology
Takedown notice of 18 Mars 2025 - Request #1025

Group: 
IN flag

icmr.gov.in 

Company logo
Ransomware Group:

Discovery Date: 2025-03-17 01:20

icmr.gov.in

Victim:   |  Group: 
KR flag

Ministry Of Defense of the Republic Of Korea 

Company logo
Ransomware Group:

Discovery Date: 2025-03-16 23:46

Ministry Of Defense of the Republic Of Korea

Victim:   |  Group: 
CN flag

JD.com Inc (Chinese) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-16 23:45

Sector: Technology
JD.com Inc (Chinese)

Victim:   |  Group: 
US flag

Florida Department of Transportation (FDOT) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-16 14:50

Florida Department of Transportation (FDOT)

Victim:   |  Group: 
FR flag

Orange.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-16 14:49

Orange.com

Victim:   |  Group: 
BY flag

Belarus E-commerce & Energy Data 

Company logo
Ransomware Group:

Discovery Date: 2025-03-15 10:23

Sector: Technology
Belarus E-commerce & Energy Data

Victim:   |  Group: 
IL flag

knesset.gov.il 

Company logo
Ransomware Group:

Discovery Date: 2025-03-15 10:22
Estimated Attack Date: 2024-10-25

knesset.gov.il

knesset.gov.il has been previously claimed by Hellcat for an attack estimated on 2024-10-25.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-15

Victim:   |  Group: 
TH flag

nrru.ac.th - University 

Company logo
Ransomware Group:

Discovery Date: 2025-03-15 10:21

Sector: Education
nrru.ac.th - University

Victim:   |  Group: 
US flag

iaai.com - Washington DC DMV 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 12:45

iaai.com - Washington DC DMV

Victim:   |  Group: 
VN flag

The Ministry of National Defense - mod.gov.vn (NavyVietnam) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 10:14

The Ministry of National Defense - mod.gov.vn (NavyVietnam)

Victim:   |  Group: 
PE flag

movistar.com.pe 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 10:13

movistar.com.pe

Victim:   |  Group: 
TW flag

Taiwan - Mackay Hospital 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 08:02
Estimated Attack Date: 2025-03-13

Sector: Healthcare
Taiwan - Mackay Hospital

Taiwan - Mackay Hospital has been previously claimed by Crazyhunter for an attack estimated on 2025-03-05.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-14

Victim:   |  Group: 
TW flag

cch.org.tw - Changhua Christian Hospital 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 08:01
Estimated Attack Date: 2025-03-13

Sector: Healthcare
cch.org.tw - Changhua Christian Hospital

cch.org.tw - Changhua Christian Hospital has been previously claimed by Crazyhunter for an attack estimated on 2025-03-05.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-14

Victim:   |  Group: 
BR flag

nuclep.gov.br. Nuclep Brazil 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 08:00
Estimated Attack Date: 2025-03-13

nuclep.gov.br. Nuclep Brazil

Victim:   |  Group: 
IQ flag

parliament.iq 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 07:59

parliament.iq By Babuk Locker 2.0

Victim:   |  Group: 
TW flag

web.asia.edu.tw - Taiwan (Asia University) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 07:57

Sector: Education
web.asia.edu.tw - Taiwan (Asia University)

web.asia.edu.tw - Taiwan (Asia University) has been previously claimed by Crazyhunter for an attack estimated on 2025-03-05.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-03-14

Victim:   |  Group: 
CN flag

Intelligence Bureau of the Joint Staff Department of the Central Military Commission China 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 07:56

Intelligence Bureau of the Joint Staff Department of the Central Military Commission China

Victim:   |  Group: 
 flag

Indian military and government defense 20TB 

Company logo
Ransomware Group:

Discovery Date: 2025-03-14 07:55

Indian military and government defense 20TB

Victim:   |  Group: 
IQ flag

Iraqi Ministry of Finance 

Company logo
Ransomware Group:

Discovery Date: 2025-03-13 00:57

Iraqi Ministry of Finance

Victim:   |  Group: 
IQ flag

Iraqi Council of Ministers 

Company logo
Ransomware Group:

Discovery Date: 2025-03-13 00:55

Iraqi Council of Ministers

Victim:   |  Group: 
SG flag

marinabaysands.com -  Singapore Hotel (Internal Server) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-12 17:25

marinabaysands.com -  Singapore Hotel (Internal Server)

Victim:   |  Group: 
IN flag

hitekgroup.in india Finance 

Company logo
Ransomware Group:

Discovery Date: 2025-03-12 14:23

hitekgroup.in india Finance

Victim:   |  Group: 
IN flag

India's telecommunication network 

Company logo
Ransomware Group:

Discovery Date: 2025-03-12 12:51

India's telecommunication network

Victim:   |  Group: 
TR flag

Baykar Turkish defense company C4I and artificial intelligence 

Company logo
Ransomware Group:

Discovery Date: 2025-03-12 00:55

Baykar Turkish defense company C4I and artificial intelligence By Babuk Locker 2.0

Victim:   |  Group: 
SK flag

airexplore.aero Company 

Company logo
Ransomware Group:

Discovery Date: 2025-03-11 14:23

airexplore.aero Company

Victim:   |  Group: 
BR flag

fnde.gov.br brazilian government 

Company logo
Ransomware Group:

Discovery Date: 2025-03-11 02:54

fnde.gov.br brazilian government

Victim:   |  Group: 
PK flag

wapda.gov.pk 

Company logo
Ransomware Group:

Discovery Date: 2025-03-11 02:53

wapda.gov.pk By Babuk Locker 2.0

Victim:   |  Group: 
US flag

lexmark.com Company 

Company logo
Ransomware Group:

Discovery Date: 2025-03-11 02:52

Sector: Technology
lexmark.com Company

Victim:   |  Group: 
FR flag

forvismazars.com.fr ( mazars.fr ) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-11 01:24

Sector: Not Found
forvismazars.com.fr ( mazars.fr ) By Babuk Locker 2.0

Victim:   |  Group: 
 flag

petstop.com Company 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 23:52

petstop.com Company

Group: 
 flag

misaludhealth.com 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 23:51

Sector: Technology
misaludhealth.com By Babuk Locker 2.0

Group: 
CN flag

bank.pingan.com (CN) 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 22:22

bank.pingan.com

Victim:   |  Group: 
IN flag

Access to Indian Ministry of Defence and Military Secret (DRDO) documents By Babuk Locker ... 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 22:21

Access to Indian Ministry of Defence and Military Secret (DRDO) documents By Babuk Locker 2.0

Victim:   |  Group: 
BR flag

Mandarin.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 19:23

Sector: Not Found
Mandarin.com.br

Victim:   |  Group: 
FR flag

mazars.fr 

Company logo
Ransomware Group:

Discovery Date: 2025-03-10 11:28
Estimated Attack Date: 2023-05-22

mazars.fr company

Victim:   |  Group: 
ID flag

INDONESIA TAXPAYER IDENTIFICATION NUMBER (NPWP) 

Company logo
Ransomware Group:

Discovery Date: 2025-01-28 18:12

INDONESIA TAXPAYER IDENTIFICATION NUMBER (NPWP)

Victim:   |  Group: 
ID flag

MYINDIHOME TELKOM INDONESIA by ( Babuk Locker ) 

Company logo
Ransomware Group:

Discovery Date: 2025-01-28 16:03

MYINDIHOME TELKOM INDONESIA

Victim:   |  Group: 
ID flag

MYINDIHOME TELKOM INDONESIA 

Company logo
Ransomware Group:

Discovery Date: 2025-01-28 15:13

MYINDIHOME TELKOM INDONESIA

Victim:   |  Group: 
ID flag

MYPERTAMINA INDONESIA 

Company logo
Ransomware Group:

Discovery Date: 2025-01-28 05:56

Sector: Energy
MYPERTAMINA INDONESIA

Victim:   |  Group: 
BR flag

copral.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 11:39

Greetings! copral.com.br Today we are posting here the new company, "Copral Comercio e Navegacao LTDA".

copral.com.br has been previously claimed by Lockbit3 for an attack estimated on 2024-11-14.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
DE flag

human.de 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:30
Estimated Attack Date: 2021-02-01

Sector: Technology
HUMAN, founded in 1972, is a Germany based privately owned company which develops, manufactures and distributes a wide range of IVD Diagnostics and laboratory equipment.

Victim:   |  Group: 
US flag

bocagroup.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:27
Estimated Attack Date: 2021-02-01

Sector: Not Found
As America's premier elevator and escalator consulting company, BOCA Group is the partner of choice for the biggest and best-known building owners and developer

Victim:   |  Group: 
SE flag

alentec.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:25

This is a public request for Alentec & Orion AB, you don't have much time left to get in touch with us and help you resolve your security problems, we also continue to be in your networks and monitor you

Victim:   |  Group: 
DE flag

Württemberger Medien 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:23

Sector: Not Found
Lassen Sie sich kostenlos von unseren Experten aus Stuttgart beraten. Digitalisierung geht schnell und einfach - Wir haben Lösungen für den Mittelstand!

Victim:   |  Group: 
BR flag

viacaojacarei.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:21

viacaojacarei.com.br

viacaojacarei.com.br has been previously claimed by Lockbit3 for an attack estimated on 2025-01-13.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

gelco-s-a.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:19

gelco-s-a.com.br

gelco-s-a.com.br has been previously claimed by Lockbit3 for an attack estimated on 2025-01-13.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
PY flag

Kurosu & Co.SA - kurosu.com.py 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:17

Kurosu & Co.SA - kurosu.com.py LEAKED

Kurosu & Co.SA - kurosu.com.py has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
MX flag

zapopan.gob.mx 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:16

zapopan.gob

zapopan.gob.mx has been previously claimed by Funksec for an attack estimated on 2025-01-13.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
JO flag

carc.gov.jo 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:14

carc.gov

carc.gov.jo has been previously claimed by Funksec for an attack estimated on 2025-01-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
CO flag

nhbg.com.co 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:13

Sector: Not Found
nhbg

nhbg.com.co has been previously claimed by Lockbit3 for an attack estimated on 2024-09-04.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

APMS ( Advanced Physician Management Service LLC 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:12

Sector: Healthcare
APMS ( Advanced Physician Management Service LLC

Victim:   |  Group: 
 flag

a top-tier law firm in Workers Compensation Defense! 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:10

a top-tier law firm in Workers Compensation Defense!

Victim:   |  Group: 
US flag

precisediagnosticspacs.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:09

Sector: Healthcare
precisediagnosticspacs.com

precisediagnosticspacs.com has been previously claimed by Funksec for an attack estimated on 2024-12-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
KE flag

zetech.ac.ke 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:08

Sector: Education
zetech.ac.ke

zetech.ac.ke has been previously claimed by Funksec for an attack estimated on 2024-12-14.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
 flag

maxprofit.mcode.me 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:07

Sector: Not Found
maxprofit.mcode.me

maxprofit.mcode.me has been previously claimed by Funksec for an attack estimated on 2024-12-14.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
MK flag

skopje.gov.mk 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:06

skopje.gov.mk

skopje.gov.mk has been previously claimed by Funksec for an attack estimated on 2024-12-14.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
MN flag

rtdc.gov.mn 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:05

rtdc.gov.mn access

rtdc.gov.mn has been previously claimed by Funksec for an attack estimated on 2024-12-17.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
PK flag

pbos.gov.pk 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:04

pbos.gov.pk

pbos.gov.pk has been previously claimed by Funksec for an attack estimated on 2024-12-17.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
SP flag

abd-ong.org 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:02

Sector: Not Found
abd-ong.org

abd-ong.org has been previously claimed by Funksec for an attack estimated on 2024-12-18.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
UZ flag

mtgazeta.uz 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:01

Sector: Not Found
mtgazeta.uz

mtgazeta.uz has been previously claimed by Funksec for an attack estimated on 2024-12-06.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

sincorpe.org.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 08:00

Sector: Not Found
sincorpe.org.br

sincorpe.org.br has been previously claimed by Funksec for an attack estimated on 2024-12-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
DE flag

pti.agency 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:58

Sector: Not Found
pti.agency

pti.agency has been previously claimed by Funksec for an attack estimated on 2024-12-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

singularanalysts.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:57

Sector: Technology
singularanalysts.com

singularanalysts.com has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

gervetusa.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:56

Sector: Healthcare
gervetusa.com

gervetusa.com has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
ZM flag

workers.com.zm 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:55

Sector: Not Found
workers.com.zm

workers.com.zm has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
AU flag

wacer.com.au 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:54

wacer.com.au

wacer.com.au has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

thebetareview.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:51

Sector: Technology
thebetareview.com

thebetareview.com has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
 flag

senseis.xmp.net 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:50

Sector: Not Found
senseis.xmp.net

senseis.xmp.net has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
AU flag

fpsc-anz.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:48

Sector: Not Found
fpsc-anz.com

fpsc-anz.com has been previously claimed by Funksec for an attack estimated on 2024-12-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
IN flag

mandiricoal.net 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:47

Sector: Energy
mandiricoal.net

mandiricoal.net has been previously claimed by Funksec for an attack estimated on 2024-12-11.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
IN flag

dealplexus.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:46

dealplexus.com

dealplexus.com has been previously claimed by Funksec for an attack estimated on 2024-12-11.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

bee-insurance.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:45

bee-insurance.com

bee-insurance.com has been previously claimed by Funksec for an attack estimated on 2024-12-13.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
CO flag

lamundialdeseguros.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:44

lamundialdeseguros.com

lamundialdeseguros.com has been previously claimed by Funksec for an attack estimated on 2024-12-13.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

indianaerospaceandengineering.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:42

indianaerospaceandengineering.com

Victim:   |  Group: 
 flag

gstpam.org 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:41

Sector: Not Found
gstpam.org

gstpam.org has been previously claimed by Funksec for an attack estimated on 2024-12-15.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

www.shootinghouse.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:40

Sector: Not Found
www.shootinghouse.com.br

www.shootinghouse.com.br has been previously claimed by Ransomhub for an attack estimated on 2024-02-28.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

headwaterco.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:38

Sector: Technology
headwaterco.com

headwaterco.com has been previously claimed by Ransomhub

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
RO flag

www.al-shefafarm.ro 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:36

www.al-shefafarm.ro

www.al-shefafarm.ro has been previously claimed by Ransomhub for an attack estimated on 2024-02-23.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

www.ykp.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:35

Sector: Technology
www.ykp.com.br

www.ykp.com.br has been previously claimed by Ransomhub for an attack estimated on 2024-02-07.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
 flag

www.go4kora.tv 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:34

Sector: Not Found
www.go4kora.tv

www.go4kora.tv has been previously claimed by Ransomhub for an attack estimated on 2024-03-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
MY flag

www.rekamy.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:33

Sector: Technology
www.rekamy.com

www.rekamy.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-08.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

www.dvttechnologyltd.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:32

Sector: Technology
www.dvttechnologyltd.com

www.dvttechnologyltd.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-08.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
SK flag

www.siea.sk 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:31

Sector: Energy
www.siea.sk

www.siea.sk has been previously claimed by Ransomhub for an attack estimated on 2024-03-07.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

www.spmundi.com.br 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:30

www.spmundi.com.br

www.spmundi.com.br has been previously claimed by Ransomhub for an attack estimated on 2024-03-07.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
ID flag

www.merchant.id 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:28

www.merchant.id

www.merchant.id has been previously claimed by Ransomhub for an attack estimated on 2024-03-06.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

www.cyncsolutions.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:27

Sector: Technology
www.cyncsolutions.com

www.cyncsolutions.com has been previously claimed by Ransomhub for an attack estimated on 2024-04-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

Baca County Feedyard, Inc 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:26

Baca County Feedyard, Inc

Baca County Feedyard, Inc has been previously claimed by Ransomhub for an attack estimated on 2024-04-09.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
CA flag

www.skywaycoach.ca 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:25

www.skywaycoach.ca

www.skywaycoach.ca has been previously claimed by Ransomhub for an attack estimated on 2024-04-08.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
IT flag

www.farmaciaflorio.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:24

Sector: Healthcare
www.farmaciaflorio.com

www.farmaciaflorio.com has been previously claimed by Ransomhub for an attack estimated on 2024-04-08.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
GB flag

www.nrshealthcare.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:23

Sector: Healthcare
www.nrshealthcare.com

www.nrshealthcare.com has been previously claimed by Ransomhub for an attack estimated on 2024-04-07.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

www.hcisystems.net 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:22

Sector: Technology
www.hcisystems.net

www.hcisystems.net has been previously claimed by Ransomhub for an attack estimated on 2024-04-06.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

www.betteraccountingsolutions.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:20

www.betteraccountingsolutions.com

www.betteraccountingsolutions.com has been previously claimed by Ransomhub for an attack estimated on 2024-04-06.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
IT flag

www.aretusamilano.it 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:19

Sector: Not Found
www.aretusamilano.it

www.aretusamilano.it has been previously claimed by Ransomhub for an attack estimated on 2024-04-04.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

www.agenciahost.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:18

www.agenciahost.com

www.agenciahost.com has been previously claimed by Ransomhub for an attack estimated on 2024-04-03.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
SV flag

www.constelacion.com.sv 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:17

Sector: Technology
www.constelacion.com.sv

www.constelacion.com.sv has been previously claimed by Ransomhub for an attack estimated on 2024-04-02.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
NO flag

www.avantit.no 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:16

Sector: Technology
www.avantit.no

www.avantit.no has been previously claimed by Ransomhub for an attack estimated on 2024-03-28.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
CO flag

www.industrialdealimentos.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:14

www.industrialdealimentos.com

www.industrialdealimentos.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-20.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
BR flag

www.lapastina.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:13

www.lapastina.com

www.lapastina.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-20.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
MY flag

www.kovra.com.my 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:12

Sector: Not Found
www.kovra.com.my

www.kovra.com.my has been previously claimed by Ransomhub for an attack estimated on 2024-03-12.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
CA flag

www.computan.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:11

Sector: Technology
www.computan.com

www.computan.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-11.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: 
US flag

www.scadea.com 

Company logo
Ransomware Group:

Discovery Date: 2025-01-27 07:09

Sector: Technology
www.scadea.com

www.scadea.com has been previously claimed by Ransomhub for an attack estimated on 2024-03-10.

This could suggest a new attack, a cross-claim between brands by the same threat actor, or the recycling of previously leaked stolen data.

Update Date: 2025-01-27

Victim:   |  Group: