[ For GroupLink (TOR), you need to change BAWANG with ONION, example: https://tegbmnhkbpqz637f2yd.bawang >> https://tegbmnhkbpqz637f2yd.onion ]
| Country | Discovered | Published | Group Name | Victim | Source | Description |
|---|---|---|---|---|---|---|
| 2023-10-30 | 2023-10-30 | RANSOMED Google | Research | RANSOMEDVC IS FOR SALE About Victim | Screenshot GroupLink | I do not want to continue being monitored by federal agencies and i would wish to sell the project to someone who will want to continue it. We are selling everything. IN PACKAGE: Domains 1 Ransomware Builder = 100% FUD – Bypassing all AV’s and automatically infecting all LAN device’s inside network.. – automatically escalate… | |
| 2023-10-22 | 2023-10-22 | RANSOMED Google | Research | RANSOMEDVC LAUNCHES A FORUM About Victim | Screenshot GroupLink | Visit us: http://g6ocfx3bb3pvdfawbgrbt3fqoht5t6dwc3hfmmueo76hz46qepidnxid.onion | |
| 2023-10-20 | 2023-10-20 | RANSOMED Google | Research | WE HIRE PENTESTERS(5BTC PAYOUT) About Victim | Screenshot GroupLink | @RansomedSupport on telegram to join Ransomed.vc is in need of only advanced pentesters, our jobs are one of the highest paid you can ever find. If you have the skills, be so kind and come earn what you deserve. @RansomedSupport to join. | |
| 2023-10-16 | 2023-10-16 | RANSOMED Google | Research | RANSOMEDVC PENTEST SERVICES! About Victim | Screenshot GroupLink | Ransomedvc now offers pentesting services! share your targets with us on @RansomedSupport on telegram. Guaranteed results! | |
| 2023-10-16 | 2023-10-16 | RANSOMED Google | Research | RE : CLARIFICATION About Victim | Screenshot GroupLink | Third-party involvement in the editing of the last 2 posts cannot be more obvious, considering the English is far more fluent than previous posts made by RansomedVC. We have no direct, or indirect affiliation(s) with RansomedVC on an operational level. They have not been compensated financially or otherwise for this. We both share the sole… | |
| 2023-10-16 | 2023-10-16 | RANSOMED Google | Research | ROB LEE EVIDENCE : SNEAK PEEK About Victim | Screenshot GroupLink | Note : Threat actor Rob Lee has failed to cooperate with the demands made by us, including an admission of guilt & wrongdoing, and an immediate resignation. Therefore, we must expose Rob Lee for who he is – a threat actor working under the guise of a powerful executive, who is in this solely for… | |
| 2023-10-15 | 2023-10-15 | RANSOMED Google | Research | COLONIAL PIPELINE COMPANY About Victim | Screenshot GroupLink | Threat actors – they hide amongst us. It is becoming increasingly difficult to differentiate these bad actors from our heroic cyber front-line responders, who work night & day to protect their clients from ever-growing cyber threats. In fact, as we’ll discuss here, some of these threat actors operate under the guise of powerful cyber-security executives.… | |
| 2023-10-15 | 2023-10-15 | RANSOMED Google | Research | ACCENTURE BREACH EVIDENCE & DEBUNKING ROB LEE’S LIES About Victim | Screenshot GroupLink | How ironic! Rob Lee, the outed threat actor, working under the guise of a seasoned cyber-security professional, recently tweeted the above, in an attempt to throw shade at the various claims made about him. In one such email exchange, Rob asks Dragos colleague Nanci Uher for her thoughts on using stolen data from the Accenture… | |
| 2023-10-15 | 2023-10-15 | RANSOMED Google | Research | WEBPAG.COM.BR DATABASE LEAKED About Victim | Screenshot GroupLink | ||
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | METROCLUB.ORG About Victim | Screenshot GroupLink | We successfully extracted the entire content of the metroclub.org website, belonging to Metroclub, a private club based in Washington, D.C. The extracted data amounts to 2.1 terabytes. The accompanying screenshot provides a glimpse of critical information, although we are still in the process of collecting additional data. Our haul includes the complete membership list, employee… | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | OPTIMITY UK About Victim | Screenshot GroupLink | We’ve successfully obtained control of their entire Azure cloud environment, which now resides under our supervision. Regrettably for them and fortunately for us, we’ve also secured access to data from over 1000 companies that were utilizing their cloud services. In the event that Optimity does not comply with our demands, we will begin to initiate… | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | BAUMIT BULGARIA About Victim | Screenshot GroupLink | We have successfuly obtained all data from Balmit.bg. We have got all of their data + source + private data from their servers.We require a ransom of $100,000 $80,000 Deal of the day | |
| BR | 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | NOVOINGRESSO.COM.BR About Victim | Screenshot GroupLink | Our group was able to access everything from the main company servers, and it happened that their data was on the server too(shared) Sample: https://qu.ax/LHRf.gz |
| BR | 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | WEBPAG.COM.BR About Victim | Screenshot GroupLink | Sample: https://qu.ax/LHRf.gOur group was able to access everything from the main company servers, and it happened that their data was on the server too(shared) Sample: https://qu.ax/LHRf.gz |
| BR | 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | RODOVIARIAONLINE.COM.BR About Victim | Screenshot GroupLink | Our group was able to access everything from the main company servers, and it happened that their data was on the server too(shared) Sample: https://qu.ax/LHRf.gz |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | KASIDA.BG DATABASE LEAKED, DOWNLOAD About Victim | Screenshot GroupLink | https://qu.ax/nUmY.7z | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | I&G BROKERS DATABASE, DOWNLOAD NOW About Victim | Screenshot GroupLink | https://qu.ax/nEqR.7z | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | PILINI.BG DATABASE, DOWNLOAD NOW! About Victim | Screenshot GroupLink | https://qu.ax/fiSD.sql | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | ILIFE.BG About Victim | Screenshot GroupLink | https://qu.ax/danH.7z | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | FUCK PALESTINE! WE BUY YOUR ACCESS!! About Victim | Screenshot GroupLink | Ransomedvc is now buying access on gaza countries + iran. message our admins! | |
| 2023-10-13 | 2023-10-13 | RANSOMED Google | Research | NEW TWITTER About Victim | Screenshot GroupLink | Tweets by RansomedSupport | |
| 2023-10-07 | 2023-10-07 | RANSOMED Google | Research | DALLBOGG BREACH About Victim | Screenshot GroupLink | We have taken everything from your servers, you failed to contact us back, contact ASAP to fix. We are in charge of user data, id photos and a lot more. sample1 : https://qu.ax/bcmm.7z sample2: https://qu.ax/uYyy.7z | |
| 2023-10-07 | 2023-10-07 | RANSOMED Google | Research | PARTNERSHIP WITH BREACHFORUMS About Victim | Screenshot GroupLink | links: http://breachedu76kdyavc6szj6ppbplfqoz3pgrk3zw57my4vybgblpfeayd.onion/ https://breachforums.is/ Our group has decided to partner with a forum we did not really believe into first. We had thoughts the project is dead, but wait, It ISNT. Our team has seen breachforums is keeping their operation way more serious than ever, this means our team will and would use their forum to… | |
| JP | 2023-10-06 | 2023-10-04 | RANSOMED Google | Research | NTT DOCOMO About Victim | Screenshot GroupLink | With approximately 310,000 employees worldwide, NTT (Nippon Telegraph and Telephone Corporation) is one of the world’s leading telecommunications carriers. It is chosen by as many as 88% of the top 100 companies in the Fortune Global Business Ranking “Fortune 500”, an annual U.S. business magazine. We offer a wide range of services in Japan, from… |
| 2023-10-06 | 2023-10-05 | RANSOMED Google | Research | (SALE) DISTRICT OF COLUMBIA ELECTIONS 600K LINES VOTERS DATA About Victim | Screenshot GroupLink | We have successfully breached the District of Columbia Board Of Elections and have gotten more than 600k lines of USA Voters: see a small sample here: https://paste.ec/raw/UhDgH8I8#ub86MOR2-yKYUVcuZRbXXW5hQzBXYIHWTmvntzHSEE1 Contact us at https://t.me/RansomedSupport | |
| 2023-09-26 | 2023-09-16 | RANSOMED Google | Research | GOV.LA About Victim | Did I hear gov? Yep. We have accessed the majorty of their servers that were storing personal data, Passport Data,SSNs,NAMES,ADDRESSES and a lot moreWe require a ransom of $50,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | MANGO.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | POPOLO.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | EBAG.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | ANDREWS.BG About Victim | We will leak all of the info we have on you if dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | ARDES.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $50,000 | ||
| 2023-09-26 | 2023-09-25 | RANSOMED Google | Research | MYSHOES.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | ECCO.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | DISTRICTSHOES.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | FOOTSHOP.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $15,000 | ||
| 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | PUNTO.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $30,000 | ||
| 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | BNM.BG About Victim | We will leak all of the info we have on you if we dont get paid.We require a ransom of $14,000 | ||
| JP | 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | SONY.COM About Victim | Sony Group Corporation, formerly Tokyo Telecommunications Engineering Corporation, and Sony Corporation, is a Japanese multinational conglomerate corporation headquartered in Minato, Tokyo, JapanWe have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE----- File tree:linkSample Of Data:link-----WE ARE SELLING IT | |
| JP | 2023-09-26 | 2023-09-26 | RANSOMED Google | Research | NTT DOCOMO - JAPAN 1ST MOBILE OPERATOR About Victim | With approximately 310,000 employees worldwide, NTT (Nippon Telegraph and Telephone Corporation) is one of the world's leading telecommunications carriers. It is chosen by as many as 88% of the top 100 companies in the Fortune Global Business Ranking "Fortune 500", an annual U.S. business magazine. We offer a wide range of services in Japan, from fixed-line and mobile phones to the Internet and system integration.We have got into their base and exfiltrated everything from there, we dont get paid.We require a ransom of $1,015,000 | |
| 2023-09-09 | 2023-09-09 | RANSOMED Google | Research | AIRELEC.BG About Victim | All of your customer data,records and private documents are mine now, if you pay you wiWe require a ransom of $8,000 | ||
| 2023-09-09 | 2023-09-09 | RANSOMED Google | Research | PILINI.BG About Victim | You have been hacked, all your data is now mine, if you want to get your backups back you will have to pay us.We require a ransom of $8,000 | ||
| 2023-09-09 | 2023-09-09 | RANSOMED Google | Research | KASIDA.BG About Victim | We have been able to access all of linktera critical infrastructure including her database, we dumped and then deleted all backups from the serversWe require a ransom of $8,000 | ||
| 2023-09-09 | 2023-09-09 | RANSOMED Google | Research | PROXY-SALE.COM About Victim | We have been able to access all of linktera critical infrastructure including the database, we dumped and then deleted all backups from the serversWe require a ransom of $12,000 | ||
| 2023-09-08 | 2023-09-08 | RANSOMED Google | Research | LINKTERA About Victim | We have been able to access all of linktera critical infrastructure including her database, we dumped and then deleted all backups from the serversWe require a ransom of $23,000 | ||
| US | 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | EASYDENTALCARE.US About Victim | We Have accessed all of the critical infrasrtucture of the company, we are on our way to publish all of the data, if not paidArchive SnapshotWe require a ransom of $18,000 | |
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | QUANTINUUM.COM About Victim | we have access everything on their servers, including the Database, and other non public documents. | ||
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | LAASR.EU About Victim | we have access everything on their servers, including the Database, and other non public documents.We require a ransom of$11,000$10,000 | ||
| RU | 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | MEDCENTER-TAMBOV.RU About Victim | we have access everything on their servers, including the Database, and other non public documents.We are not going to make them public unless we get paid.We require a ransom of $25,000 | |
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | MAKFLIX.EU About Victim | we have access everything on their servers, including the Database,Customers Chats, and other non public documents.We require a ransom of$10,000$9,000 | ||
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | NUCLEUS.LIVE About Victim | we have access everything on their servers, including the Database,Customers Chats, Bank Transfer DocumentsArchive SnapshotWe require a ransom of $18,000 | ||
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | WANTAGER.COM About Victim | we have access everything on their servers, including the Database,Customers Chats, Bank Transfer DocumentsArchive SnapshotWe require a ransom of $10,000 | ||
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | SWIPE.BG About Victim | We have successfuly obtained all data from Swipe.bg A online marketplace known for its cheap prices. Data we obtained: Userdata,Customer chats,SSNs,Numbers,Addresses and moreWe require a ransom of $50,000. | ||
| 2023-09-04 | 2023-09-04 | RANSOMED Google | Research | BALMIT BULGARIA About Victim | We have successfuly obtained all data from Balmit.bg. We have got all of their data + source + private data from their servers.We require a ransom of$100,000$80,000 | ||
| AU | 2023-09-03 | 2023-09-03 | RANSOMED Google | Research | PHMS.COM.AU About Victim | We have hacked and exported the database of phms.com.au. We have gathered root access and access to their mysqlWe require a ransom of $10,000 | |
| 2023-09-03 | 2023-09-03 | RANSOMED Google | Research | PAYNESVILLEAREAINSURANCE.COM About Victim | We have compromissed the servers of paynesvilleareainsurance.com. We decided to make sure they remember us so we have also defaced them.Archive SnapshopWe require a ransom of $10,000 | ||
| 2023-09-03 | 2023-09-03 | RANSOMED Google | Research | SKF.COM About Victim | SKF�s network was compromised(by collaboration withEverest Ransomware Group) a few days ago. The company continues to be silent about the problem.A representative of the company should contact us immediately, instructions have all been sended in the emails.Otherwise, we will start communicating with your competitors.Data stolen : 2.19 TerabytesData Info : Internal Documents, Data Bases, Customer [�]We require a ransom of $100,000 | ||
| 2023-09-01 | 2023-09-01 | RANSOMED Google | Research | HAWAII HEALTH SYSTEM About Victim | We were able to dump and deface the official site of the hawaii health system. We demand a ransom not in the form of money but in the form of public Excuse. We want Joe Biden to come with a russian flag in hands and Excuse himselfs for what he did until now.Wayback Archive Snapshot | ||
| 2023-08-31 | 2023-08-31 | RANSOMED Google | Research | METROCLUB DC About Victim | We were able to dump the entire metroclub.org site. Metroclub is a privte club from DC. There is 2.1TB of data. This screenshot show most of important info but still gathering a lot of data. We have their entire members list and employee data. Source and costumers data. | ||
| 2023-08-31 | 2023-08-31 | RANSOMED Google | Research | S&P About Victim | Affected nearly 6tb of data. Because of the size of the data I require a payment to the following address only. We demand 200,000 euro. bc1qqc7nla44te4wxyvf9j7zxtc5q296sxn94k6v00 | ||
| 2023-08-31 | 2023-08-31 | RANSOMED Google | Research | POWERSPORTS MARKETING About Victim | We are in hold of Everything any of their employes ever downloaded or used on their systems. whole cloud has been accessed. We are in hold of 2.1tb of data from their cloud.file tree:download(https://cdn.bunkr.ru/directory_tree-UvBawJCp.txt) | ||
| 2023-08-28 | 2023-08-28 | RANSOMED Google | Research | PSM About Victim | Screenshot GroupLink | ||
| 2023-08-27 | 2023-08-27 | RANSOMED Google | Research | METROPOLITAN CLUB DC About Victim | Screenshot GroupLink | We were able to dump the entire metroclub.org site. Metroclub is a privte club from DC. There is 2.1TB of data. This screenshot show most of important info but still gathering a lot of data. We have their entire members list and employee data. Source and costumers data. | |
| 2023-08-26 | 2023-08-26 | RANSOMED Google | Research | STATE FARM About Victim | Screenshot GroupLink | ||
| 2023-08-23 | 2023-08-23 | RANSOMED Google | Research | TRANSUNION About Victim | Screenshot GroupLink | ||
| 2023-08-23 | 2023-08-23 | RANSOMED Google | Research | JHOOKER About Victim | Screenshot GroupLink | ||
| GB | 2023-08-23 | 2023-08-23 | RANSOMED Google | Research | OPTIMITY.CO.UK About Victim | Screenshot GroupLink | Their whole azure cloud was exported and is now in our hands. luckly and sadly for them we have taken access to more than 1000 companies data they have stored on their cloud. if optimity does not pay we will start ransoming them, one by one.Size of the leak is 5tb |
| BG | 2023-08-21 | 2023-08-21 | RANSOMED Google | Research | I&G BROKERS About Victim | Screenshot GroupLink | I&G brokers are top top favourite Bulgarian Broker houses.First Payment Due, leaking dataDownload Sample(https://pomf2.lain.la/f/XXXXXX.7z) |
| 2023-08-21 | 2023-08-21 | RANSOMED Google | Research | A1 About Victim | Screenshot GroupLink | A1 Data Provider (1/4 partial payments have been paid on 2023-08-23) |
