Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Crypto24

| Active | RaaS

Crypto24 is a double-extortion ransomware-as-a-service group that surfaced on the RAMP forum in mid-2024, targeting large organizations in financial services, healthcare, manufacturing, and technology across Asia, Europe, and North America, with notable victims including CMC Group, Vietnam's second-largest ICT conglomerate.

Victims
46
 
First Discovered
2025-04-08
victim
Last Discovered
2026-04-17
victim
Inactive Since
29
days
Avg Delay
64.7
days
Infostealer
41.3%
victims with domain
Countries
24
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon CRYPTO24 | Data Leak Site Yes 2026-05-16T11:46:33 NGINX nginx 1.22.1 — Express j5o5y2feotmhvr7cbcp2j2ewayv5mn5zenl3joqwx67gtfchhezjznad.onion
Target
Top 5 Activity Sectors
  • Technology 9
  • Manufacturing 6
  • Business Services 6
  • Financial Services 6
  • Healthcare 5
Top 5 Countries
  • US flag United States 8
  • SG flag Singapore 3
  • ID flag Indonesia 3
  • MY flag Malaysia 3
  • AR flag Argentina 2
Heatmap
Ransom Notes (1)
YARA Rules (1)
Indicators of Compromise (IoCs) (3)
Email 1 IP Address 1 session 1
Type IOC
Email crypto24support@pm.me
IP Address 45.63.9.192:5050
session 05e034eb421832ae9209e9c17441c93ee4509f2e6dae2b23595763e0a19fdcee52
Victims (46)
Logo
Qatar Biomedical Research Institute (QBRI) QA
Crypto24
Discovered: 2026-04-17 (28d ago)
[AI generated] Qatar Biomedical Research Institute (QBRI) is a research institute based in Qatar, op…
Logo
Katcon Global MX
Crypto24
Discovered: 2026-04-02 (1mo ago)
[AI generated] "Katcon Global" is a prominent automotive supplier, specialized in the field of devel…
Logo
Industrias Guerra, S.A. ES
Crypto24
Discovered: 2026-04-02 (1mo ago)
[AI generated] Industrias Guerra, S.A. is a prominent Spanish company known for the manufacturing of…
Logo
ActionPower KR
Crypto24
Discovered: 2026-03-27 (1mo ago)
[AI generated] N/A…
Logo
Estudio O'Farrell AR
Crypto24
Discovered: 2026-03-24 (1mo ago)
[AI generated] Estudio O'Farrell is a prestigious law firm based in Buenos Aires, Argentina. Known f…
Logo
Invaccs software technologies pvt ltd IN
Crypto24
Discovered: 2026-03-10 (2mo ago)
[AI generated] Invaccs Software Technologies Pvt Ltd is a technology company, based in India, that s…
Logo
Comprehensive Orthopaedics and Musculoskeletal Care, LLC US
Crypto24
Discovered: 2026-03-09 (2mo ago)
HIPAA personal information for over 100,000 people...…
Logo
Rowad Modern Engineering EG
Crypto24
Discovered: 2026-03-05 (2mo ago)
[AI generated] Rowad Modern Engineering is an Egypt-based construction firm specializing in the impl…
Logo
Putnam Precision, Inc. US
Crypto24
Discovered: 2026-02-09 (3mo ago)
[AI generated] Putnam Precision, Inc. is a prominent manufacturing firm based in the USA, specializi…
Logo
MRC Prion Unit and Institute of Prion Diseases GB
Crypto24
Discovered: 2026-01-24 (3mo ago)
According to our guidelines, full data will be released once the timer expires.…
Logo
Yource Bulgaria & Greece BG
Crypto24
Discovered: 2026-01-21 (3mo ago)  ·  Attack est.: 2025-12-30
Yource Bulgaria & Greece is a customer experience and contact center services provider supporting ma…
Logo
Unified Assessment Platform ExamRoom.AI US
Crypto24
Discovered: 2025-12-23 (4mo ago)
***…
Logo
SASP SNCC AUTOMATISME SOLUTIONS PROCESS FR
Crypto24
Discovered: 2025-12-17 (5mo ago)
***…
Logo
Hollysys Asia Pacific SG
Crypto24
Discovered: 2025-12-01 (5mo ago)
[AI generated] Hollysys Asia Pacific is part of Hollysys Automation Technologies Ltd, a leading prov…
Logo
Bayu Buana Travel Service ID
Crypto24
Discovered: 2025-11-15 (6mo ago)  ·  Attack est.: 2025-10-20
We have successfully extracted over 500GB of documents from your internal network, including interna…
Logo
AsahiKASEI MICRODEVICES US
Crypto24
Discovered: 2025-11-12 (6mo ago)
...…
Logo
Meinhardt Group SG
Crypto24
Discovered: 2025-10-27 (6mo ago)  ·  Attack est.: 2025-10-24
...…
Logo
Bayu Buana Travel ID
Crypto24
Discovered: 2025-10-27 (6mo ago)
...…
Logo
U.S. Vanadium Holding Company LLC US
Crypto24
Discovered: 2025-10-21 (6mo ago)  ·  Attack est.: 2025-10-20
We have successfully extracted over 300GB of documents from your internal network, including interna…
Logo
Banco Hipotecario del Uruguay UY
Crypto24
Discovered: 2025-10-03 (7mo ago)
We have exfiltrated over 700GB of most sensitive highly sensitive customer PII, financial/accounting…
Logo
Generali Group IT
Crypto24
Discovered: 2025-09-18 (8mo ago)
***…
Logo
Palmgold Management Sdn Bhd MY
Crypto24
Discovered: 2025-08-18 (9mo ago)  ·  Attack est.: 2025-08-05
We have exfiltrated over 500GB of most sensitive and business-critical data from palmgold's internal…
Logo
CMS Legal Services EEIG DE
Crypto24
Discovered: 2025-08-16 (9mo ago)  ·  Attack est.: 2023-12-13
We are in possession of highly confidential data belonging to CMS, one of the largest international …
Logo
Karndean International, LLC US
Crypto24
Discovered: 2025-08-15 (9mo ago)  ·  Attack est.: 2025-07-25
We have exfiltrated over 600GB of your most sensitive corporate data, including financial, technical…
Logo
Kar ***
Crypto24
Discovered: 2025-08-12 (9mo ago)
...…
Logo
SOUBEIRAN CHOBET S.R.L. AR
Crypto24
Discovered: 2025-07-22 (9mo ago)  ·  Attack est.: 2025-07-14
We have exfiltrated over 300GB of most sensitive and business-critical data from internal servers in…
Logo
TransCore ITS, LLC AE
Crypto24
Discovered: 2025-07-20 (10mo ago)  ·  Attack est.: 2025-03-31
We’ve successfully breached the internal network of TransCore’s Dubai office.Over 200 GB of internal…
Logo
Sou ***
Crypto24
Discovered: 2025-07-17 (10mo ago)
...…
Logo
Artemis Healthcare, Inc US
Crypto24
Discovered: 2025-07-16 (10mo ago)  ·  Attack est.: 2025-06-18
It contains sensitive personal data, including medical records, official documents, and imaging file…
Logo
A-Qroup Sığorta Şirkəti AZ
Crypto24
Discovered: 2025-07-16 (10mo ago)  ·  Attack est.: 2025-06-18
The entire InsureAZ database has been leaked — including real insurance documents and all related ma…
Logo
Tan Chong Motor Holdings Berhad MY
Crypto24
Discovered: 2025-07-16 (10mo ago)  ·  Attack est.: 2025-07-09
We have exfiltrated over 300GB of sensitive data, including Customer databases (all dbs of tanchong …
Logo
Warisan TC Holdings Berhad MY
Crypto24
Discovered: 2025-07-16 (10mo ago)  ·  Attack est.: 2025-07-09
We have exfiltrated over 300GB of sensitive data, including Customer databases (all dbs of wtc - TOU…
Logo
Larimart S.P.A IT
Crypto24
Discovered: 2025-07-16 (10mo ago)  ·  Attack est.: 2025-07-15
We have secured 2TB of confidential data : NATO-linked armor specifications and ballistic protection…
Logo
Tra ***
Crypto24
Discovered: 2025-07-16 (10mo ago)
...…
Logo
Tien Tuan Pharmaceutical Machinery Co. Ltd VN
Crypto24
Discovered: 2025-06-05 (11mo ago)
[AI generated] Tien Tuan Pharmaceutical Machinery Co. Ltd is a leading provider of integrated softwa…
Logo
FORTÉ US
Crypto24
Discovered: 2025-06-05 (11mo ago)
[AI generated] FORTÉ is a fitness-focused technology company that provides a subscription-based stre…
Logo
Choice AG DE
Crypto24
Discovered: 2025-05-29 (11mo ago)
[AI generated] "Choice AG" is a Switzerland-based company that specializes in providing solutions fo…
Logo
Elite Advanced Laser Corporation ( Elaser ) TW
Crypto24
Discovered: 2025-05-28 (11mo ago)  ·  Attack est.: 2025-03-06
[AI generated] Elite Advanced Laser Corporation, or Elaser, is a company that specializes in the man…
Logo
N8XT SG
Crypto24
Discovered: 2025-04-23 (1y ago)
3 TB data including Customer information, DB data, Technical documents, Projects data and Company-re…
Logo
CMC Corperation VN
Crypto24
Discovered: 2025-04-12 (1y ago)
2 TB data including Token Data, Database Data, Website Data, ... from MariaDB, MongoDB and RARS-DB e…
Logo
ModulusGroup,Ludi-SFM MC
Crypto24
Discovered: 2025-04-10 (1y ago)
casino customer info, db, ERP data, casino system projects source code and so on.…
Logo
Taxplan CA
Crypto24
Discovered: 2025-04-08 (1y ago)
Tax-related documents and data, database and programs…
Logo
Mochtar Karuwin Komar: Indonesian law firm - MKK ID
Crypto24
Discovered: 2025-04-08 (1y ago)
Legal advice, case-related documents, financial information, contracts, billing…
Logo
technoforte software pvt ltd IN
Crypto24
Discovered: 2025-04-08 (1y ago)
All source codes of technoforte's main project - Palms(including mobile version)…
Logo
International Busines Service EG
Crypto24
Discovered: 2025-04-08 (1y ago)
Identity cards including front and back of about 3,000 people (image, pdf), HR reports, Pay document…
Logo
Iris Neofinanciera CO
Crypto24
Discovered: 2025-04-08 (1y ago)
All files of google drives, google chatting data ,workmanager documents(for last 5years) ,sql dbs a…