Tengu
| RaaS
Tengu is a RaaS operation first observed in October 2025, following a double-extortion model and using Living Off The Land Binaries (LOLBins) to blend malicious activity with normal admin traffic, primarily targeting consumer goods, real estate, automotive, healthcare, and IT sectors.
Victims
49
First Discovered
2025-10-23
victim
Last Discovered
2026-03-07
victim
Inactive Since
70
days
Avg Delay
N/A
attack→claim
Infostealer
20.5%
victims with domain
Countries
25
hit
Attack Velocity — Last 12 months
Known Locations (1)
| Favicon | Title | Type | Available | Last Visit | Server Info | FQDN | |
|---|---|---|---|---|---|---|---|
|
Shisa Ransomware Blog | No | 2026-05-16T11:45:58 | Apache 2.4.58 (Win64) OpenSSL 3.1.3 PHP 8.0.30 — PHP 8.0.30 |
longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion
|
Target
Top 5 Activity Sectors
- Technology 10
- Manufacturing 8
- Public Sector 5
- Agriculture and Food Production 5
- Hospitality and Tourism 4
Top 5 Countries
-
India
5
-
United States
4
-
Morocco
4
-
Italy
3
-
Mexico
3
Heatmap
Ransom Notes (3)
Vulnerabilities Exploited (3)
| Vendor | Product | CVE | Source |
|---|---|---|---|
| DSM | DSM Data Collector | CVE-2025-43995 | |
| Microsoft | Windows Scripting Engine | CVE-2024-38178 | |
| Other | Console (ANSI Injection) | CVE-2025-55754 |
TTPs Matrix (7)
| Initial Access | Execution | Persistence | Defense Evasion | Lateral Movement | Exfiltration | Impact |
|---|---|---|---|---|---|---|
| Valid Accounts | Command and Scripting Interpreter: PowerShell | Scheduled Task/Job: Scheduled Task | Indicator Removal | Remote Services: Remote Desktop Protocol | Exfiltration Over C2 Channel | Data Encrypted for Impact |
| Command and Scripting Interpreter: Windows Command Shell | System Binary Proxy Execution | Inhibit System Recovery |
YARA Rules (1)
Indicators of Compromise (IoCs) (1)
tox
1
| Type | IOC |
|---|---|
tox
|
A458DAEFD26B207A65C2D0164B354DA25F7A77D7E52D1B16E577F3A143D8EC7C272B58F72FDD
|
Victims (49)
Sileno Companies Inc. A US company primarily operating in the hospitality and real estate sectors, i…
Community Mosaic Cic is an active company incorporated on 21 June 2018 with the registered office lo…
Eos Technology srl is a company with 15 years of experience in the ICT sector, initially starting as…
DaintyCloud offers a variety of affordable virtual private server (VPS) solutions including Windows,…
AAG Construction strives to grow our organization through investigating advancing technology, indust…
Shora Advisory is a network of accounting, consulting, and auditing firms located in major cities ac…
Jōju-in is a traditional Japanese Buddhist temple belonging to the Shingon-shū Chisan-ha (真言宗智山派) se…
Affiliated with the Government of Mexico City, it provides information and services related to the L…
PT. Mitra Utama Sinergi Tangguh is a company officially registered in Indonesia in the form of a lim…
Megasilver Information System Co., Ltd. (Chinese: 兆銀資訊系統股份有限公司) is a Taiwanese company engaged in in…
We are currently preparing all the files of the companies we hacked and will publish them for you. W…
B2 Motorsport (known as B2M for short) is an Israeli company/workshop for improving and modifying ca…
Tahkout Group is a large Algerian group of companies (sometimes described as a business alliance) fo…
KSP TLM Indonesia is a large cooperative savings and loan association in Indonesia that focuses on e…
FRUIT-BONTÉ Agroalimentaire is a Tunisian food company operating in the agricultural sector and the …
Lenotech Corporation specializes in a diverse range of technology products, including peripherals, l…
COMPAGNIE FONCIÈRE PARISIENNE (abbreviated as CFP) is a French company that operates in real estate,…
Sky Egypt specializes in tourism services, offering a range of travel packages and flight tickets. T…
La empresa Disuelas Jc Sas tiene como domicilio principal de su actividad la dirección, CALLE 26 SUR…
Prem Motors is a leading automobile dealership for Maruti Suzuki, established in 1990 and headquarte…
The National Mining Corporation (NAMICO) is a Kenyan state corporation that serves as the government…
Jakarta Nanyang School (JNY) is a co-educational institution catering to students aged 3 to 18, offe…
STRONG WINGS LLP is an Indian Limited Liability Partnership operating in the automotive, vehicle mai…
The Coconut Development Board (CDB) focuses on the promotion and development of coconut cultivation …
Deck India Engineering Pvt. Ltd. specializes in various heat treatment services including Liquid Nit…
This is a small to medium-sized Turkish company officially registered in Istanbul, operating in the …
Nafae Sanitaire S.a.r.l A local company in Tangier – Castilla district, specializing in plumbing and…
Anfibius is an Ecuadorian company specializing in providing software solutions and technology servic…
Comercial Automotriz de los Altos S.A. de C.V. is a Mexican small/medium-sized company operating in …
Nordstrom Rack is a company that operates in the Apparel & Accessories Retail industry. It employs 1…
Samson Equipment specializes in designing and manufacturing custom weight rooms tailored for schools…
https://seha.org.sa/ This is the official website of the Health Services Association in the Qassim r…
Quick Safety Electric Ltd (קויק סייפטי אלקטריק בע״מ) is an Israeli company officially registered in …
CHAROENCHAI TRANSFORMER CO., LTD. is a manufacturer and supplier of electrical transformers based in…
The website https://strategic-ts.com/ belongs to a small US-based IT and technology services company…
This is the official website of the Baja California State Government in Mexico — an important govern…
Revnomix - India Provides data analytics and revenue management services for hotels. Founded as a ho…
**Rollingertec S.A. - Luxembourg** Offering integrated solutions in the field of building technology…
Coral Clubes - Mexico The Fimex Group offers a collection of luxury leisure and sports clubs, with a…
Le Multi Laboratoire LC2A offers a platform for businesses looking to test or analyze their products…
UniCursos, Brazil - Offers preparation courses for public sector exams in São José dos Campos and su…
Food & Music Management SL, based in Barcelona, Spain, is a leading company in the hospitality and e…
Al Ramal Group is a manufacturing company specializing in food products. Al Ramal Food Industries FZ…
Star Legumes, Morocco - Provides wholesale services for fruits, vegetables, spices, and dried seeds …
Qatargas and Tar Company, Iran - Provides industrial gas and tar products to the petrochemical secto…