Blackwater
| Active
Blackwater is a ransomware group that first surfaced in early 2026, combining file encryption with data theft and targeting healthcare organizations, with known victims including Minidoka Memorial Hospital in Idaho.
Victims
6
First Discovered
2026-05-02
victim
Last Discovered
2026-05-02
victim
Inactive Since
12
days
Avg Delay
15.6
days
Infostealer
60.0%
victims with domain
Countries
4
hit
Attack Velocity — Last 12 months
-75% vs last month
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Blog | Yes | 2026-05-14T19:46:42 | nginx |
ejzl7cjxmkx7lzhiqwidmrwtfjv45pkczbc4fnyaut3t7gll3yaiq5id.onion
|
Target
Top 5 Activity Sectors
- Healthcare 2
- Manufacturing 2
- Business Services 1
- Public Sector 1
Top 5 Countries
-
United States
2
-
China
2
-
Türkiye
1
-
Brazil
1
Heatmap
Ransom Notes (1)
YARA Rules (1)
Victims (6)
Medical Park Hastaneler Grubu is Turkey's leading healthcare group, operating 36 hospitals across 14…
Shenzhen Gongjin Electronics, founded in 1998 and also known as T&W, is a telecommunications manufac…
Compass Housing Alliance is dedicated to developing and providing essential services, shelter, and a…
Founded in 1983 and headquartered in Ningbo, China, Ningbo Tuopu Group Co., Ltd. is a multipurpose e…