Ransomware Stats

[ { “activity”: “Not Found”, “attackdate”: “2025-05-09 19:16:41.521540”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=7uP61FNOQOXarQ”, “country”: “CA”, “description”: “Canada”, “discovered”: “2025-05-09 19:18:09.493134”, “domain”: “www.emx.ca”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/16f3bca0853d72cfa7588e8101fa8ce7.png”, “url”: “https:\/\/www.ransomware.live\/id\/RU1YIEVudGVycHJpc2VzQHBsYXk=”, “victim”: “EMX Enterprises” }, { “activity”: “Technology”, “attackdate”: “2025-05-09 19:15:12.792368”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=rZyewzltYUmALK”, “country”: “US”, “description”: “United States”, “discovered”: “2025-05-09 19:16:41.208680”, “domain”: “www.verrex.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/6d3b832b9396010e2d5189ab0c4397cd.png”, “url”: “https:\/\/www.ransomware.live\/id\/VmVycmV4QHBsYXk=”, “victim”: “Verrex” }, { “activity”: “Consumer Services”, “attackdate”: “2025-05-09 19:13:44.257455”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=wFEF20CwU8Ink”, “country”: “US”, “description”: “United States”, “discovered”: “2025-05-09 19:15:12.477986”, “domain”: “www.sweetshopusa.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/fa2f5e65b8837eff8f9755e84737da93.png”, “url”: “https:\/\/www.ransomware.live\/id\/U3dlZXQgU2hvcCBVU0FAcGxheQ==”, “victim”: “Sweet Shop USA” }, { “activity”: “Technology”, “attackdate”: “2025-05-09 19:12:13.277580”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=9EY3lkouXUF4iD”, “country”: “US”, “description”: “United States”, “discovered”: “2025-05-09 19:13:43.905553”, “domain”: “www.gisticinc.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/bfc6c81a18cfe3ddfc684d79e52f8f20.png”, “url”: “https:\/\/www.ransomware.live\/id\/R2lzdGljIFJlc2VhcmNoQHBsYXk=”, “victim”: “Gistic Research” }, { “activity”: “Financial Services”, “attackdate”: “2025-05-09 17:53:34.397116”, “claim_url”: “http:\/\/santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion\/\/checkcity-com”, “country”: “US”, “description”: “[AI generated] CheckCity.com is a financial services company based in Provo, Utah. It offers a variety of services, including payday loans, cash advances, title loans, and check cashing. It also provides money orders, wire transfers, tax services, and prepaid debit cards. Founded in 1986, CheckCity operates both online and through physical branches. It serves clients across multiple states in the US.\n”, “discovered”: “2025-05-09 17:54:09.464682”, “domain”: “CHECKCITY.COM”, “duplicates”: [], “extrainfos”: [], “group”: “clop”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q0hFQ0tDSVRZLkNPTUBjbG9w”, “victim”: “CHECKCITY.COM” }, { “activity”: “Agriculture and Food Production”, “attackdate”: “2025-05-09 11:26:02.478281”, “claim_url”: “”, “country”: “US”, “description”: “Mountain View Mushrooms Mountain View Mushrooms was established in 2003. We are the largest producer and wholesaler of fresh mushrooms in the Intermountain West.”, “discovered”: “2025-05-09 11:26:04.455167”, “domain”: “mountainviewmushrooms.com”, “duplicates”: [], “extrainfos”: [], “group”: “rhysida”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 17:29:34”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-09 17:29:27”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TW91bnRhaW4gVmlldyBNdXNocm9vbXNAcmh5c2lkYQ==”, “victim”: “Mountain View Mushrooms” }, { “activity”: “Financial Services”, “attackdate”: “2025-05-09 10:23:00.000000”, “claim_url”: “http:\/\/lockbit435xk3ki62yun7z5nhwz6jyjdp2c64j5vge536if2eny3gtid.onion\/post\/w6g1L0OoFFe7gg6n681dd79919a5b”, “country”: “US”, “description”: “The Hennessy Funds are offered only to United States residents, and information on this web site is intended only for such persons.”, “discovered”: “2025-05-09 11:00:02.002572”, “domain”: “hennessyfunds.com”, “duplicates”: [], “extrainfos”: [], “group”: “lockbit3”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 10:58:30”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/87a86f5e5a1fd8462bbefffc0172602a.png”, “url”: “https:\/\/www.ransomware.live\/id\/aGVubmVzc3lmdW5kcy5jb21AbG9ja2JpdDM=”, “victim”: “hennessyfunds.com” }, { “activity”: “Not Found”, “attackdate”: “2025-05-09 07:48:21.267485”, “claim_url”: “”, “country”: “TH”, “description”: “375K USD”, “discovered”: “2025-05-09 07:48:22.931065”, “domain”: “dailynews.co.th”, “duplicates”: [], “extrainfos”: { “ransom”: “info on \/thainews.html” }, “group”: “devman”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: { “CRYPTBOT”: 2, “Lumma”: 8, “Raccoon”: 2, “RedLine”: 20, “StealC”: 6, “UNKNOWN”: 2, “Vidar”: 2 }, “thirdparties”: 5, “thirdparties_domain”: 4, “update”: “2025-05-09 07:48:05”, “users”: 31, “users_url”: 18 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/ZGFpbHluZXdzLmNvLnRoQGRldm1hbg==”, “victim”: “dailynews.co.th” }, { “activity”: “Construction”, “attackdate”: “2025-05-09 00:00:00.000000”, “claim_url”: “”, “country”: “AT”, “description”: “G. Klampfer Elektroanlagen GmbH is a company specializing on buil\nding services as well as general contractor activities based in A\nustria.\n\nWe are going to upload more than 20GB of corporate documents. Lot\ns of detailed employee information (medical records, drivers lice\nnses), projects information, financial data of clients, NDAs, etc\n.\n”, “discovered”: “2025-05-09 13:48:48.998203”, “domain”: “klampfer.at”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 17:27:38”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-09 17:27:29”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/S2xhbXBmZXIgRWxla3Ryb2FubGFnZW5AYWtpcmE=”, “victim”: “Klampfer Elektroanlagen” }, { “activity”: “Business Services”, “attackdate”: “2025-05-09 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “Ward D. Jones has practiced law in Hawaii for 30 years and handle\nd trials in state courts on all of the islands, Hawaii federal co\nurt, as well as Hawaii arbitrations.\n\nWe are going to upload more than 102GB of essential corporate doc\numents. You will find a lot of client information (medical record\ns, drivers licenses, passports, birth\\death certificates), court \nconfidential files, financial data of clients, NDAs, etc.\n”, “discovered”: “2025-05-09 15:19:40.267832”, “domain”: “bervar-jones.com”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 17:26:18”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-09 17:26:08”, “description”: “Update activity” }, { “date”: “2025-05-09 17:26:12”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmVydmFyIGFuZCBKb25lc0Bha2lyYQ==”, “victim”: “Bervar and Jones” }, { “activity”: “Manufacturing”, “attackdate”: “2025-05-08 19:05:38.682803”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=hc5X4VXtEfcCdk”, “country”: “CA”, “description”: “Canada”, “discovered”: “2025-05-08 19:07:06.505606”, “domain”: “www.unitrak.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/505db5b1e8f8fdc9ace4f3766a28cf9b.png”, “url”: “https:\/\/www.ransomware.live\/id\/VW5pVHJha0BwbGF5”, “victim”: “UniTrak” }, { “activity”: “Manufacturing”, “attackdate”: “2025-05-08 15:40:39.295241”, “claim_url”: “”, “country”: “PT”, “description”: “Selenis is part of the IMG Group, a family-owned multin\national with presence in the polymers industry since 19\n59. Selenis is a premium supplier of innovative copolye\nsters for a diverse range of applications. \n\nWe are going to upload more than 70GB of essential corp\norate documents such as: a lot of detailed client perso\nnal information and documents (passports, medical recor\nds, drivers licenses), confidential court files, financ\nial data of clients, NDAs, etc.\n\nWe have made the process of downloading company data as\nsimple as possible for our users. All you need is any \ntorrent client (like Vuze, Utorrent, qBittorrent or Tra\nnsmission to use magnet links). You will find the torre\nnt file above.\n\n1. Open uTorrent, or any another torrent client.\n2. Add torrent file or paste the magnet URL to upload t\nhe data safely.\n3. Archives have no password.\n\nMAGNET URL: magnet:?xt=urn:btih:3E617C6AA6203015473D6D2\n2A3AF0F247EC9FB0E&dn=selenis.com&tr=udp:\/\/tracker.openb\nittorrent.com:80\/announce&tr=udp:\/\/tracker.opentrackr.o\nrg:1337\/announce\n”, “discovered”: “2025-05-08 15:40:40.966924”, “domain”: “selenis.com”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-08 16:40:47”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-08 16:40:41”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2VsZW5pcyAoRXZlcnRpcylAYWtpcmE=”, “victim”: “Selenis (Evertis)” }, { “activity”: “Business Services”, “attackdate”: “2025-05-08 05:49:43.585984”, “claim_url”: “http:\/\/ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion\/news\/Khidmah”, “country”: “AE”, “description”: “[AI generated] Khidmah LLC is a comprehensive real estate services company based in Abu Dhabi, United Arab Emirates. Founded in 2009, the company provides a wide range of solutions including property management, leasing and sales, facilities management, home maintenance, cleaning, landscaping, and pool maintenance. With its customer-focused approach, Khidmah caters to residential, retail and commercial properties.”, “discovered”: “2025-05-08 05:50:56.794204”, “domain”: “Khidmah.Com”, “duplicates”: [], “extrainfos”: [], “group”: “everest”, “infostealer”: “”, “modifications”: [ { “date”: “2025-05-08 06:32:09”, “description”: “Update website” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/fa4fff68afb3e7c0e92b883370c777ab.png”, “url”: “https:\/\/www.ransomware.live\/id\/S2hpZG1haEBldmVyZXN0”, “victim”: “Khidmah” }, { “activity”: “Construction”, “attackdate”: “2025-05-08 05:48:26.178140”, “claim_url”: “http:\/\/ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion\/news\/Kaefer”, “country”: “GB”, “description”: “[AI generated] Kaefer is a global company that specializes in providing services in insulation technology, interior outfitting, surface protection, passive fire protection & refractory, and access solutions. Headquartered in Bremen, Germany, the firm operates in various sectors such as industry, offshore, marine, and construction. Established in 1918, Kaefer aims to provide energy efficient solutions and services.”, “discovered”: “2025-05-08 05:49:43.052851”, “domain”: “Kaefer.com”, “duplicates”: [], “extrainfos”: [], “group”: “everest”, “infostealer”: “”, “modifications”: [ { “date”: “2025-05-08 06:32:18”, “description”: “Update website” }, { “date”: “2025-05-08 06:33:09”, “description”: “Update country” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/d0bf52059cf5363b7a9c4c80aa45be0f.png”, “url”: “https:\/\/www.ransomware.live\/id\/S2FlZmVyQGV2ZXJlc3Q=”, “victim”: “Kaefer” }, { “activity”: “Technology”, “attackdate”: “2025-05-08 00:00:00.000000”, “claim_url”: “http:\/\/novavdivko2zvtrvtllnq45lxhba2rfzp76qigb4nrliklem5au7czqd.onion\/Novaevo”, “country”: “IT”, “description”: “\u200b\”Novaevo\” refers to a specialized software solution developed by T.consulT, an Italian company, designed to manage the lifecycle of technical documentation in industrial sectors, particularly aerospace and defense. The software ensures…”, “discovered”: “2025-05-08 14:35:23.658863”, “domain”: “t-consult.it”, “duplicates”: [], “extrainfos”: [], “group”: “nova”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-08 16:42:52”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-08 16:42:34”, “description”: “Update country” }, { “date”: “2025-05-08 16:42:40”, “description”: “Update activity” }, { “date”: “2025-05-08 16:42:45”, “description”: “Update website” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/fb3d2491945cf35bcfa0f83095953fae.png”, “url”: “https:\/\/www.ransomware.live\/id\/bm92YWV2bysgLyBULmNvbnN1bFRAbm92YQ==”, “victim”: “novaevo+ \/ T.consulT” }, { “activity”: “Manufacturing”, “attackdate”: “2025-05-08 00:00:00.000000”, “claim_url”: “”, “country”: “PT”, “description”: “Selenis is part of the IMG Group, a family-owned multinational wi\nth presence in the polymers industry since 1959. Selenis is a pre\nmium supplier of innovative copolyesters for a diverse range of a\npplications. \n\nWe are going to upload more than 70GB of essential corporate docu\nments such as: a lot of detailed client personal information and \ndocuments (passports, medical records, drivers licenses), confide\nntial court files, financial data of clients, NDAs, etc.\n”, “discovered”: “2025-05-08 14:46:49.682828”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2VsZW5pcyAoRXZlcnRpcyBpcyBhbHNvIGludm9sdmVkKUBha2lyYQ==”, “victim”: “Selenis (Evertis is also involved)” }, { “activity”: “Not Found”, “attackdate”: “2025-05-08 00:00:00.000000”, “claim_url”: “http:\/\/weyhro27ruifvuqkk3hxzcrtxv2lsalntxgkv6q2j3znkhdqudz54rqd.onion\/\/leaks\/101archstreet”, “country”: “US”, “description”: “[AI generated] N\/A”, “discovered”: “2025-05-08 21:21:00.044615”, “domain”: “101archstreet.info”, “duplicates”: [], “extrainfos”: [], “group”: “weyhro”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-08 21:24:53”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-08 21:24:47”, “description”: “Update website” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/0d367ae1279ad2302f4bad1bc4fc141e.png”, “url”: “https:\/\/www.ransomware.live\/id\/MTAxIEFyY2ggU3RyZWV0QHdleWhybw==”, “victim”: “101 Arch Street” }, { “activity”: “Not Found”, “attackdate”: “2025-05-08 00:00:00.000000”, “claim_url”: “”, “country”: “SP”, “description”: “C.E.E. APTA (Spain)”, “discovered”: “2025-05-09 18:21:22.472535”, “domain”: “ceeapta.com”, “duplicates”: [], “extrainfos”: { “data_size”: “2 GB” }, “group”: “nightspire”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 18:21:03”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Qy5FLkUuIEFQVEFAbmlnaHRzcGlyZQ==”, “victim”: “C.E.E. APTA” }, { “activity”: “Telecommunication”, “attackdate”: “2025-05-07 22:35:01.958105”, “claim_url”: “”, “country”: “PH”, “description”: “2.5 million USD”, “discovered”: “2025-05-07 22:35:03.748970”, “domain”: “gmanetwork.com”, “duplicates”: [], “extrainfos”: [], “group”: “devman”, “infostealer”: “”, “modifications”: [ { “date”: “2025-05-07 22:35:21”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Z21hbmV0d29yay5jb21AZGV2bWFu”, “victim”: “gmanetwork.com” }, { “activity”: “Technology”, “attackdate”: “2025-05-07 21:14:26.000000”, “claim_url”: “http:\/\/mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion\/blog\/79296199a4f112d4be2996b7f1f7288fa0a02db21fd752c9ccc203e7c6bd4162\/”, “country”: “US”, “description”: “Enterprise Resource Planning (ERP) Software”, “discovered”: “2025-05-08 07:02:26.195306”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “monti”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/86c9ccd39744475ef72634685d2f5ec0.png”, “url”: “https:\/\/www.ransomware.live\/id\/QW10ZWNoIFNvZnR3YXJlQG1vbnRp”, “victim”: “Amtech Software” }, { “activity”: “Transportation\/Logistics”, “attackdate”: “2025-05-07 09:15:41.822341”, “claim_url”: “http:\/\/orca66hwnpciepupe5626k2ib6dds6zizjwuuashz67usjps2wehz4id.onion\/r\/C2pAnpL4wqxIravEuM5yHfBCn43FqdIpWZyBvgO8VSq5QI1JZhGAJ4eHaEx3dUMBs3gYzR3mdVTvD2yXBgjJ2ME1JUEN2\/1”, “country”: “AT”, “description”: “\u200bLutz GmbH, operating under the name Transport Lutz Tulln, is a privately held…”, “discovered”: “2025-05-07 09:16:59.477095”, “domain”: “transport.lutztulln.com”, “duplicates”: [], “extrainfos”: [], “group”: “orca”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-07 09:15:23”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/3d9438213459e1353c25a6b8400a695c.png”, “url”: “https:\/\/www.ransomware.live\/id\/VHJhbnNwb3J0IEx1dHp0dWxsbkBvcmNh”, “victim”: “Transport Lutztulln” }, { “activity”: “Consumer Services”, “attackdate”: “2025-05-06 18:25:17.147621”, “claim_url”: “”, “country”: “DE”, “description”: “Langer & Langer GbR is a company that operates in the Retail industry. It employs 10to19 people and ha\u2026”, “discovered”: “2025-05-06 18:25:18.544492”, “domain”: “langer-langer.de”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:31:25”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:30:33”, “description”: “Update website” }, { “date”: “2025-05-06 18:31:03”, “description”: “Update website” }, { “date”: “2025-05-06 18:31:08”, “description”: “Update country” }, { “date”: “2025-05-06 18:31:14”, “description”: “Update activity” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGFuZ2VyICYgTGFuZ2VyQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Langer & Langer” }, { “activity”: “Education”, “attackdate”: “2025-05-06 15:42:10.000000”, “claim_url”: “http:\/\/xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion\/detail?id=1d6781c823f056afe2a066931469f041”, “country”: “US”, “description”: “Russell Child Development Center is a community-based non-profit organization that serves early childhood programs across 19 counties in Southwest Kansas. The center offers a variety of services including early intervention, targeted case management, and support programs for families and child care providers. Russell Child Development Center corporate office is located in 2735 N Jennie Barker Rd, Garden City, Kansas, 67846, United States and has 30 employees. The total amount of data leakage is 215.50 GB”, “discovered”: “2025-05-09 17:44:08.122889”, “domain”: “rcdc4kids.org”, “duplicates”: [], “extrainfos”: { “ransom”: 120000 }, “group”: “medusa”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 18:24:43”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-09 18:24:36”, “description”: “Update website” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/dd288d011b92b968c7815f89e0e96975.png”, “url”: “https:\/\/www.ransomware.live\/id\/UnVzc2VsbCBDaGlsZCBEZXZlbG9wbWVudCBDZW50ZXJAbWVkdXNh”, “victim”: “Russell Child Development Center” }, { “activity”: “Construction”, “attackdate”: “2025-05-06 15:35:45.000000”, “claim_url”: “http:\/\/xfv4jzckytb4g3ckwemcny3ihv4i5p4lqzdpi624cxisu35my5fwi5qd.onion\/detail?id=b1f64853d49437a6f34095873a8c30e9”, “country”: “US”, “description”: “Lake Shore Paving (founded in 1998) – services for excavation, utility, asphalt paving and concrete paving needs. Lake Shore Paving corporate office is located in 7 Osmer St, Jamestown, New York, 14701, United States and has 19 employees. The total amount of data leakage is 112.30 GB”, “discovered”: “2025-05-09 17:45:13.912772”, “domain”: “lakeshorepaving.com”, “duplicates”: [], “extrainfos”: { “ransom”: 100000 }, “group”: “medusa”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-09 18:24:00”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-09 18:23:52”, “description”: “Update website” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/b4fb570cc949285f32c439d379598769.png”, “url”: “https:\/\/www.ransomware.live\/id\/TGFrZSBTaG9yZSBQYXZpbmdAbWVkdXNh”, “victim”: “Lake Shore Paving” }, { “activity”: “Not Found”, “attackdate”: “2025-05-06 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=d222f762-ad44-3e2c-89e7-3ecfbab5c16b”, “country”: “US”, “description”: “All data of this company will be available for download on 16.05.2025. Gates & Cooper LLP is an intellectual property law firm specializing in providing high-value patent prosecution and related intellectual property legal services to large c …”, “discovered”: “2025-05-06 22:23:15.670757”, “domain”: “www.gates-cooper.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/5601bbc89694ab2878657f6f4715c6ec.png”, “url”: “https:\/\/www.ransomware.live\/id\/Z2F0ZXMtY29vcGVyLmNvbUBxaWxpbg==”, “victim”: “gates-cooper.com” }, { “activity”: “Consumer Services”, “attackdate”: “2025-05-06 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=687b15e4-2de0-382e-addf-18c00f23cf24”, “country”: “US”, “description”: “All data of this company will be available for download on 16.05.2025. J. Banks Design is a full-service interior design firm with over 55 employees, a leader in residential and hospitality design. For over thirty-six years, our certified des …”, “discovered”: “2025-05-06 22:24:52.027313”, “domain”: “www.jbanksdesign.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/92800579d50683bce87a832eb2a389b4.png”, “url”: “https:\/\/www.ransomware.live\/id\/amJhbmtzZGVzaWduLmNvbUBxaWxpbg==”, “victim”: “jbanksdesign.com” }, { “activity”: “Healthcare”, “attackdate”: “2025-05-06 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=19d950d3-b91e-3ff0-b22a-dcc36ea344af”, “country”: “US”, “description”: “All data of this company will be available for download on 16.05.2025.Founded 50 years ago, the breadth and depth of expertise of Clin-Path associates is unmatched statewide. Professional and laboratory services are provided to hospitals, phy …”, “discovered”: “2025-05-06 22:28:05.369726”, “domain”: “www.clinpath.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “modifications”: [ { “date”: “2025-05-08 05:59:06”, “description”: “Update country” } ], “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/dafa0150e1eb38a5a021561dd2371193.png”, “url”: “https:\/\/www.ransomware.live\/id\/Y2xpbnBhdGguY29tQHFpbGlu”, “victim”: “clinpath.com” }, { “activity”: “Technology”, “attackdate”: “2025-05-06 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=eaf1e900-9043-385b-99ba-24be6fc5daae”, “country”: “US”, “description”: “All data of this company will be available for download on 16.05.2025.MDG Design & Construction is a leading affordable housing-only contracting and development firm specializing in the rehabilitation and new construction of affordable reside …”, “discovered”: “2025-05-06 22:29:40.819759”, “domain”: “mdgny.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 22:28:09”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/7907a8475620bbd34a641863aa6cd2db.png”, “url”: “https:\/\/www.ransomware.live\/id\/bWRnbnkuY29tQHFpbGlu”, “victim”: “mdgny.com” }, { “activity”: “Education”, “attackdate”: “2025-05-06 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “North Kitsap School District (USA)”, “discovered”: “2025-05-09 18:21:44.597482”, “domain”: “nkschools.org”, “duplicates”: [], “extrainfos”: { “data_size”: “20MB” }, “group”: “nightspire”, “infostealer”: { “employees”: 26, “employees_url”: 3, “infostealer_stats”: { “Azorult”: 10, “Lumma”: 4, “RedLine”: 36, “Vidar”: 4 }, “thirdparties”: 43, “thirdparties_domain”: 25, “update”: “2025-05-09 18:21:27”, “users”: 3, “users_url”: 3 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Tm9ydGggS2l0c2FwIFNjaG9vbCBEaXN0cmljdEBuaWdodHNwaXJl”, “victim”: “North Kitsap School District” }, { “activity”: “Financial Services”, “attackdate”: “2025-05-04 00:00:00.000000”, “claim_url”: “”, “country”: “UK”, “description”: “Julia Evans accountants (United Kingdom)”, “discovered”: “2025-05-07 01:46:21.965906”, “domain”: “juliaevansaccountants.co.uk”, “duplicates”: [], “extrainfos”: { “data_size”: “180 GB” }, “group”: “nightspire”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-07 01:46:03”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SnVsaWEgRXZhbnMgYWNjb3VudGFudHNAbmlnaHRzcGlyZQ==”, “victim”: “Julia Evans accountants” }, { “activity”: “Public Sector”, “attackdate”: “2025-05-04 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=b6f0552e-7447-3b8e-b099-532c6be4d54a”, “country”: “US”, “description”: “Hamilton County, TN In anticipation of this weekends July 4th festivities, the Hamilton County Sheriffs Office would like to offer the following safety reminders to ensure the citizens of Hamilton County enjoy a safe and meaningful holiday. J …”, “discovered”: “2025-05-08 19:09:02.978640”, “domain”: “www.hcsheriff.gov”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/e34da06042fd6573e9947011f369d9b3.png”, “url”: “https:\/\/www.ransomware.live\/id\/d3d3Lmhjc2hlcmlmZi5nb3ZAcWlsaW4=”, “victim”: “www.hcsheriff.gov” }, { “activity”: “Not Found”, “attackdate”: “2025-05-04 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=035a24a3-8f37-3b42-afff-c70d85337551”, “country”: “US”, “description”: “Shrader & Associates, L.L.P. is pleased to recognize Roberts’ and Romani’s contributions with this well-earned promotion. As a firm with national recognition by the likes of CNN and CBS, each attorney on its roster must meet extremely high st …”, “discovered”: “2025-05-08 19:10:32.922421”, “domain”: “www.shraderlaw.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/f8e113c4fab56d36eacd85dc0a035739.png”, “url”: “https:\/\/www.ransomware.live\/id\/U0hSQURFUkxBV0BxaWxpbg==”, “victim”: “SHRADERLAW” }, { “activity”: “Business Services”, “attackdate”: “2025-04-15 21:34:36.168171”, “claim_url”: “”, “country”: “US”, “description”: “Chadwick, Washington, Moriarty, Elmore & Bunn P.C. is a Virginia and D.C. law firm that offers compli\u2026”, “discovered”: “2025-05-06 18:17:16.699064”, “domain”: “chadwickwashington.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:32:41”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:32:30”, “description”: “Update activity” }, { “date”: “2025-05-06 18:32:34”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RWxtb3JlICYgQnVubkBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Elmore & Bunn” }, { “activity”: “Business Services”, “attackdate”: “2025-04-13 04:29:49.826415”, “claim_url”: “”, “country”: “US”, “description”: “With a legal staff of over 120, The Dominguez Firm is a proven powerhouse personal injury law firm wit\u2026”, “discovered”: “2025-05-06 18:17:14.083333”, “domain”: “dominguezfirm.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:33:35”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:33:27”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VGhlIERvbWluZ3VleiBGaXJtLCBMTFBAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “The Dominguez Firm, LLP” }, { “activity”: “Financial Services”, “attackdate”: “2025-04-13 04:29:48.967466”, “claim_url”: “”, “country”: “US”, “description”: “Operator of a pre-settlement financing firm intended to provide financial assistance during lawsuits. \u2026”, “discovered”: “2025-05-06 18:17:10.931422”, “domain”: “usclaims.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:34:21”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:34:11”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VVNDbGFpbXNAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “USClaims” }, { “activity”: “Business Services”, “attackdate”: “2025-04-13 04:29:48.106676”, “claim_url”: “”, “country”: “US”, “description”: “Dean & Fulkerson P.C has received an SBA PPP loan for $350,000-1 million from PNC Bank, National Assoc\u2026”, “discovered”: “2025-05-06 18:17:05.622164”, “domain”: “dflaw.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:35:26”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:35:04”, “description”: “Update activity” }, { “date”: “2025-05-06 18:35:08”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RGVhbiAmIEZ1bGtlcnNvbkBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Dean & Fulkerson” }, { “activity”: “Business Services”, “attackdate”: “2025-04-13 04:29:47.249748”, “claim_url”: “”, “country”: “US”, “description”: “Pajcic & Pajcic is a Jacksonville-based personal injury law firm with over 50 years of experience in a\u2026”, “discovered”: “2025-05-06 18:17:01.174046”, “domain”: “pajcic.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:36:18”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:36:02”, “description”: “Update activity” }, { “date”: “2025-05-06 18:36:05”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UGFqY2ljICYgUGFqY2ljQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Pajcic & Pajcic” }, { “activity”: “Business Services”, “attackdate”: “2025-04-10 17:29:42.049950”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1910, Shutts is a full-service business law firm that specializes in litigation, constructi\u2026”, “discovered”: “2025-05-06 18:16:57.292898”, “domain”: “shutts.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:37:34”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:37:12”, “description”: “Update activity” }, { “date”: “2025-05-06 18:37:16”, “description”: “Update website” }, { “date”: “2025-05-06 18:37:24”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2h1dHRzQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Shutts” }, { “activity”: “Business Services”, “attackdate”: “2025-04-10 07:29:11.645293”, “claim_url”: “”, “country”: “US”, “description”: “Fenwick & West LLP provides comprehensive legal services to technology and life sciences companies – a\u2026”, “discovered”: “2025-05-06 18:16:54.726094”, “domain”: “fenwick.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: { “Azorult”: 2, “Lumma”: 4, “RedLine”: 12 }, “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:38:26”, “users”: 8, “users_url”: 3 }, “modifications”: [ { “date”: “2025-05-06 18:38:15”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RmVud2ljayAmIFdlc3QgTExQQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Fenwick & West LLP” }, { “activity”: “Business Services”, “attackdate”: “2025-04-09 15:28:18.886322”, “claim_url”: “”, “country”: “US”, “description”: “Established in 1882 and headquartered in London, United Kingdom, Fenwick is a company that operates a \u2026”, “discovered”: “2025-05-06 18:16:50.491657”, “domain”: “fenwick.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: { “Azorult”: 2, “Lumma”: 4, “RedLine”: 12 }, “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:38:26”, “users”: 8, “users_url”: 3 }, “modifications”: [ { “date”: “2025-05-06 18:39:03”, “description”: “Update activity” }, { “date”: “2025-05-06 18:39:07”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RmVud2lja0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Fenwick” }, { “activity”: “Financial Services”, “attackdate”: “2025-04-08 09:29:07.701114”, “claim_url”: “”, “country”: “US”, “description”: “Headquartered Virginia Beach, Virginia, Liberty Tax is a full service tax preparations and refund comp\u2026”, “discovered”: “2025-05-06 18:16:47.759714”, “domain”: “libertytax.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 13, “employees_url”: 3, “infostealer_stats”: { “Azorult”: 84, “Generic Stealer”: 77, “Lumma”: 178, “Raccoon”: 68, “RedLine”: 274, “StealC”: 12, “UNKNOWN”: 16, “Vidar”: 18 }, “thirdparties”: 5, “thirdparties_domain”: 64, “update”: “2025-05-06 18:39:49”, “users”: 401, “users_url”: 15 }, “modifications”: [ { “date”: “2025-05-06 18:39:39”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGliZXJ0eSBUYXhAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Liberty Tax” }, { “activity”: “Business Services”, “attackdate”: “2025-04-05 01:27:59.514962”, “claim_url”: “”, “country”: “US”, “description”: “McLaughlin & Stern, LLP is a full-service law firm founded in 1898 with more than 100 attorneys repres\u2026”, “discovered”: “2025-05-06 18:16:45.268018”, “domain”: “mclaughlinstern.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:40:39”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:40:13”, “description”: “Update activity” }, { “date”: “2025-05-06 18:40:30”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWNMYXVnaGxpbiAmIFN0ZXJuQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “McLaughlin & Stern” }, { “activity”: “Financial Services”, “attackdate”: “2025-04-05 01:27:58.594910”, “claim_url”: “”, “country”: “US”, “description”: “For over 150 years, Roger Keith & Sons Insurance has been providing quality insurance services to clie\u2026”, “discovered”: “2025-05-06 18:16:40.564359”, “domain”: “rogerkeith.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:41:28”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:41:17”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Um9nZXIgS2VpdGggYW5kIFNvbnMgSW5zdXJhbmNlIEFnZW5jeUBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Roger Keith and Sons Insurance Agency” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:42.460171”, “claim_url”: “”, “country”: “US”, “description”: “Schofield Insurance Company is a full-service general agency that specializes in voluntary, ancillary,\u2026”, “discovered”: “2025-05-06 18:16:35.943386”, “domain”: “advantagegroupga.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:42:27”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:42:09”, “description”: “Update website” }, { “date”: “2025-05-06 18:42:14”, “description”: “Update activity” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QWR2YW50YWdlIEdyb3VwIEdBQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Advantage Group GA” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:41.631792”, “claim_url”: “”, “country”: “US”, “description”: “Cors & Bassett has a long, rich history that spans many decades. The firm has been a member of the bus\u2026”, “discovered”: “2025-05-06 18:16:32.618354”, “domain”: “corsbassett.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:43:27”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:43:07”, “description”: “Update website” }, { “date”: “2025-05-06 18:43:17”, “description”: “Update activity” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q29ycyAmIEJhc3NldHRAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Cors & Bassett” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-20 00:28:40.805516”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1985, IFG Companies is a privately held insurance group based in Hartford, Connecticut. IFG\u2026”, “discovered”: “2025-05-06 18:16:29.805091”, “domain”: “ifgcompanies.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 1, “employees_url”: 1, “infostealer_stats”: { “RedLine”: 2 }, “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:44:38”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:44:25”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SUZHIENvbXBhbmllc0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “IFG Companies” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:39.979613”, “claim_url”: “”, “country”: “US”, “description”: “About Kisling, Nestico & Redick: Kisling, Nestico & Redick provides sophisticated injury law represent\u2026”, “discovered”: “2025-05-06 18:16:26.808287”, “domain”: “knrlegal.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:45:26”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:45:16”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/S2lzbGluZyBOZXN0aWNvICYgUmVkaWNrQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Kisling Nestico & Redick” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:39.142044”, “claim_url”: “”, “country”: “US”, “description”: “NCheng LLP was founded in 1989 in New York City. Our practice is dedicated entirely to serve the not-f\u2026”, “discovered”: “2025-05-06 18:16:23.161283”, “domain”: “ncheng.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: { “Lumma”: 2 }, “thirdparties”: 3, “thirdparties_domain”: 5, “update”: “2025-05-06 18:46:19”, “users”: 1, “users_url”: 1 }, “modifications”: [ { “date”: “2025-05-06 18:46:04”, “description”: “Update activity” }, { “date”: “2025-05-06 18:46:08”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TkNoZW5nQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “NCheng” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:38.317610”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1983 and headquartered in New York, New York, Ahmuty, Demers & McManus (ADM) is a full-serv\u2026”, “discovered”: “2025-05-06 18:16:18.931117”, “domain”: “admlaw.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:47:15”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:46:56”, “description”: “Update country” }, { “date”: “2025-05-06 18:47:00”, “description”: “Update activity” }, { “date”: “2025-05-06 18:47:04”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QURNIExBV0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “ADM LAW” }, { “activity”: “Business Services”, “attackdate”: “2025-03-20 00:28:37.477679”, “claim_url”: “”, “country”: “CA”, “description”: “Founded in 1994, McCague Borlack full service legal advice. Its practice areas include: accident benef\u2026”, “discovered”: “2025-05-06 18:16:16.457275”, “domain”: “mccagueborlack.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:48:07”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:47:57”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWNDYWd1ZSBCb3JsYWNrQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “McCague Borlack” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-20 00:28:36.554745”, “claim_url”: “”, “country”: “US”, “description”: “First Financial Equity Corporations (FFEC) primary objective is to provide personalized customer servi\u2026”, “discovered”: “2025-05-06 18:16:13.264992”, “domain”: “ffec.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:49:34”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:49:24”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Rmlyc3QgRmluYW5jaWFsIEVxdWl0eUBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “First Financial Equity” }, { “activity”: “Business Services”, “attackdate”: “2025-03-19 21:28:48.281605”, “claim_url”: “”, “country”: “US”, “description”: “Barst Mukamal & Kleiner LLP is an international immigration law firm based in New York City. Founded i\u2026”, “discovered”: “2025-05-06 18:16:10.483631”, “domain”: “barstlaw.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:52:14”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:50:23”, “description”: “Update activity” }, { “date”: “2025-05-06 18:50:27”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmFyc3QgTXVrYW1hbCAmIEtsZWluZXJAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Barst Mukamal & Kleiner” }, { “activity”: “Business Services”, “attackdate”: “2025-03-19 21:28:47.457161”, “claim_url”: “”, “country”: “US”, “description”: “Olinsky Law Group specializes in Social Security Disability, Appeals Council, Federal Court, and Long-\u2026”, “discovered”: “2025-05-06 18:16:05.939686”, “domain”: “windisability.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:53:29”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:53:14”, “description”: “Update activity” }, { “date”: “2025-05-06 18:53:18”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/T2xpbnNreSBMYXcgR3JvdXBAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Olinsky Law Group” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-19 21:28:46.620322”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 2006 by Stuart J. Boesky, Pembrook Capital Management (Pembrook) is a real estate investmen\u2026”, “discovered”: “2025-05-06 18:16:02.387119”, “domain”: “pembrookgroup.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:54:46”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:54:32”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UGVtYnJvb2sgR3JvdXBAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Pembrook Group” }, { “activity”: “Business Services”, “attackdate”: “2025-03-19 21:28:45.772556”, “claim_url”: “”, “country”: “US”, “description”: “Colucci Law Group provides comprehensive legal support in Florida, focusing on areas such as property \u2026”, “discovered”: “2025-05-06 18:15:59.563838”, “domain”: “coluccilawgroup.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:55:43”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:55:31”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q29sdWNjaSBMYXcgR3JvdXBAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Colucci Law Group” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-19 21:28:44.904326”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1991 and headquartered in West Palm Beach, Florida, GreatFlorida Insurance is a network of \u2026”, “discovered”: “2025-05-06 18:15:57.143641”, “domain”: “greatflorida.com”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2025-05-06 18:56:38”, “users”: 0, “users_url”: 0 }, “modifications”: [ { “date”: “2025-05-06 18:56:26”, “description”: “Update website” } ], “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/R3JlYXRGbG9yaWRhIEluc3VyYW5jZSBIb2xkaW5nIENvcnAuQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “GreatFlorida Insurance Holding Corp.” }, { “activity”: “Technology”, “attackdate”: “2025-03-19 21:28:44.069227”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1990, Paycor is a human capital management company that provides HR and payroll technology \u2026”, “discovered”: “2025-05-06 18:15:54.631655”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UGF5Y29yQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Paycor” }, { “activity”: “Not Found”, “attackdate”: “2025-03-19 21:28:43.247019”, “claim_url”: “”, “country”: “US”, “description”: “Baxter Baker is a legal firm based in Baltimore and Annapolis, Maryland, offering a range of services \u2026”, “discovered”: “2025-05-06 18:15:51.660266”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmF4dGVyIEJha2VyIFNpZGxlIENvbm4gJiBKb25lc0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Baxter Baker Sidle Conn & Jones” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-19 21:28:42.329684”, “claim_url”: “”, “country”: “US”, “description”: “Chicago Atlantic Real Estate Finance, Inc. (Chicago Atlantic) is a commercial real estate finance comp\u2026”, “discovered”: “2025-05-06 18:15:48.679245”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q2hpY2FnbyBBdGxhbnRpYyBHcm91cEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Chicago Atlantic Group” }, { “activity”: “Financial Services”, “attackdate”: “2025-03-19 06:29:17.518101”, “claim_url”: “”, “country”: “US”, “description”: “Mauldin & Jenkins has provided audit, accounting, tax, and consulting services since 1918. Our culture\u2026”, “discovered”: “2025-05-06 18:15:46.317744”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWF1bGRpbiAmIEplbmtpbnNAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Mauldin & Jenkins” }, { “activity”: “Business Services”, “attackdate”: “2025-03-19 06:29:16.694718”, “claim_url”: “”, “country”: “US”, “description”: “Miller Canfield, headquartered in Detroit, Michigan, is a law firm that provides services for bankrupt\u2026”, “discovered”: “2025-05-06 18:15:42.052310”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWlsbGVyIENhbmZpZWxkQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Miller Canfield” }, { “activity”: “Not Found”, “attackdate”: “2025-03-16 22:34:16.556688”, “claim_url”: “”, “country”: “US”, “description”: “CRC Group is a wholesale and specialty insurance distributor in the United States. Founded in 1914, th\u2026”, “discovered”: “2025-05-06 18:15:38.425822”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q1JDIEdyb3VwQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “CRC Group” }, { “activity”: “Financial Services”, “attackdate”: “2025-02-05 10:55:11.495828”, “claim_url”: “”, “country”: “US”, “description”: “44North, headquartered in Cadillac, Michigan, provides health benefit consulting and plan design. Thei\u2026”, “discovered”: “2025-05-06 18:15:34.302854”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/NDROb3J0aEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “44North” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-23 16:42:35.570720”, “claim_url”: “”, “country”: “US”, “description”: “If longevity is a trusted sign of success, the E.W. Smith Insurance Agency proves to be one of Wyandot\u2026”, “discovered”: “2025-05-06 18:15:30.273546”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RVcgU21pdGggSW5zdXJhbmNlIEFnZW5jeUBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “EW Smith Insurance Agency” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-17 03:43:30.809884”, “claim_url”: “”, “country”: “US”, “description”: “Accounting Services\n\nFounded in 1965, Anders is headquartered in St. Louis, Missouri. They are a CPA\u2026”, “discovered”: “2025-05-06 18:15:26.744610”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QW5kZXJzIENQQXMgKyBBZHZpc29yc0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Anders CPAs + Advisors” }, { “activity”: “Not Found”, “attackdate”: “2025-01-14 15:43:36.628992”, “claim_url”: “”, “country”: “”, “description”: “Accounting Services”, “discovered”: “2025-05-06 18:15:20.638450”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmxhY2sgLCBCYXNob3IgJiBQb3JzY2hAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Black , Bashor & Porsch” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-14 15:43:35.600722”, “claim_url”: “”, “country”: “US”, “description”: “Insurance”, “discovered”: “2025-05-06 18:15:16.930165”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2hlYSBCYXJjbGF5IEdyb3VwQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Shea Barclay Group” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-14 15:43:34.532316”, “claim_url”: “”, “country”: “US”, “description”: “Accounting Services”, “discovered”: “2025-05-06 18:15:13.928108”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QVRMQVMgQ1BBcyAmIEFkdmlzb3JzQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “ATLAS CPAs & Advisors” }, { “activity”: “Business Services”, “attackdate”: “2025-01-14 15:43:33.448754”, “claim_url”: “”, “country”: “US”, “description”: “Law Firms & Legal Services”, “discovered”: “2025-05-06 18:15:11.372447”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/S2xlaHIgSGFycmlzb24gSGFydmV5IEJyYW56YnVyZ0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Klehr Harrison Harvey Branzburg” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-06 18:40:25.097410”, “claim_url”: “”, “country”: “US”, “description”: “Insphere Insurance Solutions, Inc. is one of the fastest growing insurance distribution companies in A\u2026”, “discovered”: “2025-05-06 18:15:07.165901”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SW5zcGVyZSBJbnN1cmFuY2UgU29sdXRpb25zQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Inspere Insurance Solutions” }, { “activity”: “Financial Services”, “attackdate”: “2025-01-04 09:41:08.804225”, “claim_url”: “”, “country”: “US”, “description”: “Established in 1969, Cross Valley Federal Credit Union is headquartered in Wilkes-Barre, Pennsylvania.\u2026”, “discovered”: “2025-05-06 18:15:02.528685”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q3Jvc3MgVmFsbGV5IEZDVUBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Cross Valley FCU” }, { “activity”: “Business Services”, “attackdate”: “2024-12-18 23:41:07.404683”, “claim_url”: “”, “country”: “US”, “description”: “Since 1994, Metro Public Adjustment, Inc. has been an advocate for the rights of you, the property own\u2026”, “discovered”: “2025-05-06 18:14:59.211710”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWV0cm8gUHVibGljIEFkanVzdG1lbnRAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Metro Public Adjustment” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-16 18:40:02.802746”, “claim_url”: “”, “country”: “US”, “description”: “Palomar Insurance Corporation delivers tailored insurance programs to small and large companies in the\u2026”, “discovered”: “2025-05-06 18:14:55.500294”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UGFsb21hciBJbnN1cmFuY2VAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Palomar Insurance” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:27:07.441843”, “claim_url”: “”, “country”: “US”, “description”: “Liebert Cassidy Whitmore provides legal advisory services. The firms practice areas include labor rela\u2026”, “discovered”: “2025-05-06 18:14:53.081824”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGliZXJ0eSBUYXggU2VydmljZSBJbmNAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Liberty Tax Service Inc” }, { “activity”: “Not Found”, “attackdate”: “2024-12-13 21:27:06.888821”, “claim_url”: “”, “country”: “US”, “description”: “Law Firms & Legal Services”, “discovered”: “2025-05-06 18:14:47.105040”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/S290eiBTYW5nc3RlciBXeXNvY2tpQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Kotz Sangster Wysocki” }, { “activity”: “Hospitality and Tourism”, “attackdate”: “2024-12-13 21:27:06.310118”, “claim_url”: “”, “country”: “US”, “description”: “Marriott International, Inc. operates, franchises, and licenses hotels and timeshare properties worldw\u2026”, “discovered”: “2025-05-06 18:14:43.206307”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWFycmlvdHQgSW50ZXJuYXRpb25hbCBJbmNAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Marriott International Inc” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 21:27:04.130590”, “claim_url”: “”, “country”: “US”, “description”: “JMJ Associates, LLC provides management consulting services primarily for the energy, mining, and cons\u2026”, “discovered”: “2025-05-06 18:14:37.395444”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Sk1KIEFzc29jaWF0ZXNAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “JMJ Associates” }, { “activity”: “Not Found”, “attackdate”: “2024-12-13 21:27:03.554779”, “claim_url”: “”, “country”: “”, “description”: “Prime Consulting Group, Inc. is a full-service property and casualty insurance services company”, “discovered”: “2025-05-06 18:14:34.111356”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UHJpbWUgQ29uc3VsdGluZyBHcm91cEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Prime Consulting Group” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 21:27:02.886291”, “claim_url”: “”, “country”: “US”, “description”: “Ball Eggleston is a full-service law firm providing legal services for many types of cases, including \u2026”, “discovered”: “2025-05-06 18:14:29.747463”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmFsbCBFZ2dsZXN0b24gTGF3IEZpcm1AU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Ball Eggleston Law Firm” }, { “activity”: “Energy”, “attackdate”: “2024-12-13 21:27:02.307948”, “claim_url”: “”, “country”: “US”, “description”: “TETRA Technologies delivers leading solutions to the upstream energy industry for completions fluids, \u2026”, “discovered”: “2025-05-06 18:14:26.353437”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VGV0cmEgVGVjaG5vbG9naWVzIEluY0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Tetra Technologies Inc” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 21:26:59.867831”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 2006 and headquartered in Miami, Florida, Quintairos Prieto Wood & Boyer, P.A. is a law fir\u2026”, “discovered”: “2025-05-06 18:14:20.687681”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UXVpbnRhaXJvcyBQcmlldG8gV29vZCAmIEJveWVyIFBBQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Quintairos Prieto Wood & Boyer PA” }, { “activity”: “Not Found”, “attackdate”: “2024-12-13 21:26:58.869303”, “claim_url”: “”, “country”: “US”, “description”: “Bass, Berry & Sims is poised to guide clients through complex legal matters.Focused on their interests\u2026”, “discovered”: “2025-05-06 18:14:17.568000”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QmFzcyAsIEJlcnJ5ICYgU2ltcyBQTENAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Bass , Berry & Sims PLC” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:26:57.868470”, “claim_url”: “”, “country”: “US”, “description”: “Established in 1987, ESSEX REALTY MANAGEMENT is a privately owned real estate management and investmen\u2026”, “discovered”: “2025-05-06 18:14:13.239400”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RXNzZXggUHJvcGVydHkgVHJ1c3RAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Essex Property Trust” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:26:56.854900”, “claim_url”: “”, “country”: “US”, “description”: “Davenport offers a wide range of investment services for individuals, corporations, institutions, and \u2026”, “discovered”: “2025-05-06 18:14:10.471905”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RGF2ZW5wb3J0ICYgQ29tcGFueSBMTENAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Davenport & Company LLC” }, { “activity”: “Not Found”, “attackdate”: “2024-12-13 21:26:55.851016”, “claim_url”: “”, “country”: “US”, “description”: “AG Adjustments is a commercial collection agency. It offers small business B2B debt collection, AR man\u2026”, “discovered”: “2025-05-06 18:14:06.411143”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QUcgQWRqdXN0bWVudEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “AG Adjustment” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 21:26:53.843554”, “claim_url”: “”, “country”: “CA”, “description”: “Litigation Law Firm – We are one of Toronto’s leading litigation law firms with regional offices in Ba\u2026”, “discovered”: “2025-05-06 18:12:39.902401”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWNDYWd1ZSBCb3JsYWNrIExMUEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “McCague Borlack LLP” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 21:26:52.842696”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1950, Lane Gorman Trubitt, PLLC (LGT) is one of the largest certified public accounting fir\u2026”, “discovered”: “2025-05-06 18:12:34.588386”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGFuZSBHb3JtYW4gVHJ1Yml0dEBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Lane Gorman Trubitt” }, { “activity”: “Hospitality and Tourism”, “attackdate”: “2024-12-13 21:26:51.854246”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 1995, Ainsworth Game Technology is a manufacturer and supplier of gaming solutions speciali\u2026”, “discovered”: “2025-05-06 18:12:30.122025”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QUdUIFNsb3RzQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “AGT Slots” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:26:50.871871”, “claim_url”: “”, “country”: “US”, “description”: “Founded in 2005, Integrity Home Mortgage is a financial service company specializing in home purchases\u2026”, “discovered”: “2025-05-06 18:12:26.032994”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SW50ZWdyaXR5IEhvbWUgTW9ydGdhZ2UgQ29tcGFueUBTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Integrity Home Mortgage Company” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:26:49.887732”, “claim_url”: “”, “country”: “DE”, “description”: “Hannover Re, headquartered in Hannover, Germany, and established in 1966, is a reinsurance company spe\u2026”, “discovered”: “2025-05-06 18:12:22.430418”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SGFubm92ZXIgUmVAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Hannover Re” }, { “activity”: “Financial Services”, “attackdate”: “2024-12-13 21:26:48.880545”, “claim_url”: “”, “country”: “US”, “description”: “TWFG Insurance services the Lagrange area and throughout the state of Georgia. At TWFG Insurance, thei\u2026”, “discovered”: “2025-05-06 18:12:18.697936”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VFdGRyBJbnN1cmFuY2VAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “TWFG Insurance” }, { “activity”: “Construction”, “attackdate”: “2024-12-13 21:00:39.244895”, “claim_url”: “”, “country”: “US”, “description”: “\tGeocon Inc.\r\nREVENUE:\t$63M\r\nTOTAL DOWNLOADS:\t162\r\nCOMPANY INFO:\t\r\nArchitecture, Engineering & Design \u00b7 California, United States \u00b7 289 Employees. Founded in 1971, Ge\u2026”, “discovered”: “2025-05-06 18:08:00.999305”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/R2VvY29uIEluYy5AU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Geocon Inc.” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 20:59:50.730830”, “claim_url”: “”, “country”: “US”, “description”: “REVENUE:\t$82M\r\nTOTAL DOWNLOADS:\t164\r\nCOMPANY INFO:\t\r\nLiebert Cassidy Whitmore is California’s premier labor, education, and employment law firm. We provide\u2026”, “discovered”: “2025-05-06 18:07:55.814581”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGllYmVydCBDYXNzaWR5IFdoaXRtb3JlIEF0dG9ybmV5c0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Liebert Cassidy Whitmore Attorneys” }, { “activity”: “Manufacturing”, “attackdate”: “2024-12-13 20:59:33.770723”, “claim_url”: “”, “country”: “US”, “description”: “\tRosenbauer America\r\nTOTAL DOWNLOADS:\t157\r\nCOMPANY INFO:\t\r\nRosenbauer is the world’s leading manufacturer of firefighting vehicles and equipment. In North Americ\u2026”, “discovered”: “2025-05-06 18:07:51.142039”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Um9zZW5iYXVlciBBbWVyaWNhQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Rosenbauer America” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 20:59:03.106182”, “claim_url”: “”, “country”: “US”, “description”: “REVENUE:\t$57.5M\r\nTOTAL DOWNLOADS:\t165\r\nCOMPANY INFO:\t\r\nHaynie & Company was founded in 1960 and is headquartered in Salt Lake City. They offer tax services, \u2026\r\n”, “discovered”: “2025-05-06 18:07:45.281684”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SGF5bmllICYgQ29tcGFueSBQQ0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Haynie & Company PC” }, { “activity”: “Business Services”, “attackdate”: “2024-12-13 20:58:40.717623”, “claim_url”: “”, “country”: “US”, “description”: “REVENUE:\t$25.2M\r\nTOTAL DOWNLOADS:\t172\r\nCOMPANY INFO:\t\r\nWilliams Kastner provides legal advisory services. The firm focuses on areas including federal litigat\u2026\r\n”, “discovered”: “2025-05-06 18:07:39.816250”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/V2lsbGlhbXMsIEthc3RuZXIgJiBHaWJicyBQTExDQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Williams, Kastner & Gibbs PLLC” }, { “activity”: “Hospitality and Tourism”, “attackdate”: “2024-09-23 21:26:54.839746”, “claim_url”: “”, “country”: “US”, “description”: “Jacobs Entertainment, Inc. (JEI) is a developer, owner and operator of gaming and entertainment facili\u2026”, “discovered”: “2025-05-06 18:12:44.604090”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SmFjb2JzIEVudGVydGFpbm1lbnQgSW5jQFNpbGVudFJhbnNvbUdyb3Vw”, “victim”: “Jacobs Entertainment Inc” }, { “activity”: “Business Services”, “attackdate”: “2024-02-22 21:27:04.939412”, “claim_url”: “”, “country”: “US”, “description”: “Cantey Hanger LLP, established in 1882, is a full-service firm based in Texas, with offices in Fort Wo\u2026”, “discovered”: “2025-05-06 18:14:40.099840”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q2FudGV5IEhhbmdlciBMTFBAU2lsZW50UmFuc29tR3JvdXA=”, “victim”: “Cantey Hanger LLP” }, { “activity”: “Construction”, “attackdate”: “2023-06-13 11:34:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=992e28d1-a600-3fb3-93e2-b83166be9ffe”, “country”: “US”, “description”: “All data of this company will be available for download on 16.05.2025. GSL Electric Inc. performs a wide range of projects for public and private clients, including commercial, industrial, institutional, manufacturing, utility, transmission l …”, “discovered”: “2025-05-06 22:26:29.018517”, “domain”: “www.gslelectric.com”, “duplicates”: [ { “attackdate”: “2023-06-13 11:34:00.000000”, “date”: “2025-05-06 22:26:29.045828”, “group”: “lockbit3”, “link”: “https:\/\/www.ransomware.live\/id\/Z3NsZWxlY3RyaWMuY29tQGxvY2tiaXQz” } ], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/3b7d858b66172cc3df44fe9e9b96bdc5.png”, “url”: “https:\/\/www.ransomware.live\/id\/Z3NsZWxlY3RyaWMuY29tQHFpbGlu”, “victim”: “gslelectric.com” }, { “activity”: “Financial Services”, “attackdate”: “2022-06-07 21:27:01.293260”, “claim_url”: “”, “country”: “US”, “description”: “Lincoln Investment was founded in 1968. This company provides investment advice and banking services. \u2026”, “discovered”: “2025-05-06 18:14:23.451530”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “SilentRansomGroup”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TGluY29sbiBJbnZlc3RtZW50IFBsYW5uaW5nIExMQ0BTaWxlbnRSYW5zb21Hcm91cA==”, “victim”: “Lincoln Investment Planning LLC” } ]