Bluebox

Bluebox is a data extortion group that emerged in December 2024, employing double-extortion tactics against victims primarily in France, Sweden, and the French Caribbean, and threatening to notify data protection authorities to add regulatory pressure on victims.

  • Victims: 3
  • First Discovered: 2024-12-11 (victim)
  • Last Discovered: 2024-12-17 (victim)
  • Inactive Since: more than 1yr
  • Avg Delay: 6.7 days
  • Infostealer: 33.3% (victims with domain)
  • Countries hit: 2

Known Locations (1)
  • Title: Bluebox
  • Available: No
  • Last Visit: 2026-04-28T07:23:01
  • FQDN: zu3wfrmrkl4ltqqnpt3owp3cwa33rqwod4gpe3ttb5o4vf2is2gzm6qd.onion

Target
Top 5 Activity Sectors
  • Transportation/Logistics 1
  • Manufacturing 1
  • Business Services 1
Top 5 Countries
  • France 2
  • Sweden 1

YARA Rules (1)

Indicators of Compromise (IoCs) (2)
  • Email: aocpocqotox@onionmail.org
  • tox: E39D0A412302DF31B24613AA88D5859A5432A5FCBAD25917E93DA84D56CB411F88119E8AEB78

Victims (3)
  • Commercial and Logistics Group… (Discovered: 2024-12-17 (1y ago)  ·  Attack est.: 2024-12-14)
  • Manufacturer of Swedish quality products… (Discovered: 2024-12-11 (1y ago)  ·  Attack est.: 2024-12-02)
  • French architectural design company… (Discovered: 2024-12-11 (1y ago)  ·  Attack est.: 2024-12-03)