Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Blackshadow

BlackShadow is an Iranian-linked hack-and-leak group (linked to the Agrius APT) that targeted Israeli companies including insurance firm Shirbit and hosting provider Cyberserve, leaking medical records of 290,000 patients, using extortion as a tool of geopolitical disruption rather than purely for financial gain.

Victims
3
 
First Discovered
2021-12-18
victim
Last Discovered
2021-12-18
victim
Inactive Since
4yrs
more than
Avg Delay
N/A
attack→claim
Infostealer
N/A
victims with domain
Countries
0
hit
View Victims on World Map View Group Statistics
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon No 2026-05-13T22:12:19 544corkfh5hwhtn4.onion
Target
Top 5 Activity Sectors
  • Financial Services 2
  • Technology 1
Top 5 Countries
Heatmap
YARA Rules (1)
Victims (3)
Logo
Shirbit Insurance Company
Blackshadow
Discovered: 2021-12-18 (4y ago)
No description available
Logo
K.L.S Capital
Blackshadow
Discovered: 2021-12-18 (4y ago)
No description available
Logo
CyberServe Company
Blackshadow
Discovered: 2021-12-18 (4y ago)
No description available