Ransomed
| RaaS
RansomedVC was a short-lived extortion group active from August to November 2023 that claimed high-profile victims including Sony, innovating by threatening GDPR regulatory fines as an additional extortion lever; it briefly operated as a RaaS before shutting down in an apparent exit scam following reported arrests of six members.
Victims
68
First Discovered
2023-08-21
victim
Last Discovered
2023-10-30
victim
Inactive Since
2yrs
more than
Avg Delay
2.1
days
Infostealer
27.1%
victims with domain
Countries
10
hit
Known Locations (4)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
No | 2026-04-28T07:25:56 |
ransomed.vc
|
||||
|
404 Not Found | No | 2026-04-28T07:28:28 |
k63fo4qmdnl4cbt54sso3g6s5ycw7gf7i6nvxl3wcf3u6la2mlawt5qd.onion
|
|||
|
Ransomedvc – Leading Agency In Digital Peace – Ran | No | 2026-04-28T07:31:00 |
f6amq3izzsgtna4vw24rpyhy3ofwazlgex2zqdssavevvkklmtudxjad.onion
|
|||
|
Ransomed | No | 2026-04-28T07:32:23 |
g6ocfx3bb3pvdfawbgrbt3fqoht5t6dwc3hfmmueo76hz46qepidnxid.onion
|
Target
Top 5 Activity Sectors
- Consumer Services 15
- Technology 10
- Financial Services 7
- Business Services 4
- Healthcare 3
Top 5 Countries
-
Bulgaria
19
-
Brazil
3
-
Japan
3
-
Saint Vincent and the Grenadines
1
Heatmap
YARA Rules (1)
Victims (68)
I do not want to continue being monitored by federal agencies and i would wish to sell the project t…
Visit us: http://g6ocfx3bb3pvdfawbgrbt3fqoht5t6dwc3hfmmueo76hz46qepidnxid.onion…
@RansomedSupport on telegram to join Ransomed.vc is in need of only advanced pentesters, our jobs ar…
Ransomedvc now offers pentesting services! share your targets with us on @RansomedSupport on telegra…
Third-party involvement in the editing of the last 2 posts cannot be more obvious, considering the E…
Note : Threat actor Rob Lee has failed to cooperate with the demands made by us, including an admiss…
Threat actors – they hide amongst us. It is becoming increasingly difficult to differentiate these b…
How ironic! Rob Lee, the outed threat actor, working under the guise of a seasoned cyber-security pr…
We successfully extracted the entire content of the metroclub.org website, belonging to Metroclub, a…
We’ve successfully obtained control of their entire Azure cloud environment, which now resides under…
We have successfuly obtained all data from Balmit.bg. We have got all of their data + source + priva…
Our group was able to access everything from the main company servers, and it happened that their da…
Sample: https://qu.ax/LHRf.gOur group was able to access everything from the main company servers, a…
Our group was able to access everything from the main company servers, and it happened that their da…
Ransomedvc is now buying access on gaza countries + iran. message our admins!…
We have taken everything from your servers, you failed to contact us back, contact ASAP to fix. We a…
links: http://breachedu76kdyavc6szj6ppbplfqoz3pgrk3zw57my4vybgblpfeayd.onion/ https://breachforums.i…
With approximately 310,000 employees worldwide, NTT (Nippon Telegraph and Telephone Corporation) is …
We have successfully breached the District of Columbia Board Of Elections and have gotten more than …
We will leak all of the info we have on you if dont get paid.We require a ransom of $15,000…
We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000…
We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000…
We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000…
With approximately 310,000 employees worldwide, NTT (Nippon Telegraph and Telephone Corporation) is …
All of your customer data,records and private documents are mine now, if you pay you wiWe require a …
We have been able to access all of linktera critical infrastructure including the database, we dumpe…
We Have accessed all of the critical infrasrtucture of the company, we are on our way to publish all…
we have access everything on their servers, including the Database, and other non public documents.…
we have access everything on their servers, including the Database, and other non public documents.W…
we have access everything on their servers, including the Database,Customers Chats, and other non pu…
we have access everything on their servers, including the Database,Customers Chats, Bank Transfer Do…
we have access everything on their servers, including the Database,Customers Chats, Bank Transfer Do…
We have successfuly obtained all data from Balmit.bg. We have got all of their data + source + priva…
We have hacked and exported the database of phms.com.au. We have gathered root access and access to …
We have compromissed the servers of paynesvilleareainsurance.com. We decided to make sure they remem…
We were able to dump and deface the official site of the hawaii health system. We demand a ransom no…
We were able to dump the entire metroclub.org site. Metroclub is a privte club from DC. There is…
We are in hold of Everything any of their employes ever downloaded or used on their systems. whole c…
We were able to dump the entire metroclub.org site. Metroclub is a privte club from DC. There is 2.1…
Their whole azure cloud was exported and is now in our hands. luckly and sadly for them we have take…
I&G brokers are top top favourite Bulgarian Broker houses.First Payment Due, leaking dataDownload Sa…
