Ransomware Stats

[ { “activity”: “Public Sector”, “attackdate”: “2026-03-07 20:33:59.327350”, “claim_url”: “https:\/\/handala-hack.to\/jerusalem-water-supply-facilities-hacked\/”, “country”: “IL”, “description”: “In response to the blatant aggression against the Qeshm desalination plant, Handala Hack has executed an unprecedented and sophisticated cyber operation, targeting the water infrastructure of Jerusalem. In this assault, 423 gigabytes of highly classified and sensitive data were exfiltrated, and the core infrastructure was completely crippled. This was not merely a cyberattack, it was\u2026”, “discovered”: “2026-03-07 20:34:33.366059”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SmVydXNhbGVtIFdhdGVyIFN1cHBseSBGYWNpbGl0aWVzQGhhbmRhbGE=”, “victim”: “Jerusalem Water Supply Facilities” }, { “activity”: “Agriculture and Food Production”, “attackdate”: “2026-03-07 18:15:58.640552”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=3105a8f7-027c-354f-a788-85b0fa50640d”, “country”: “US”, “description”: “N\/A”, “discovered”: “2026-03-07 18:16:14.385756”, “domain”: “www.brothersproduce.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/ad7104a52e48bd577be5072657073eab.png”, “url”: “https:\/\/www.ransomware.live\/id\/QnJvdGhlcnMgUHJvZHVjZUBxaWxpbg==”, “victim”: “Brothers Produce” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 18:15:21.684660”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=d22abc53-c565-31c2-b4d9-fab70161918a”, “country”: “NL”, “description”: “N\/A”, “discovered”: “2026-03-07 18:15:36.098195”, “domain”: “www.dielco.co”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/f25c7488f40895da56c369e48dca567c.png”, “url”: “https:\/\/www.ransomware.live\/id\/RGllbGNvQHFpbGlu”, “victim”: “Dielco” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 18:14:44.072637”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=9949d38c-52b0-3ba9-8ba0-74d00d426f6b”, “country”: “GB”, “description”: “N\/A”, “discovered”: “2026-03-07 18:14:59.391194”, “domain”: “www.geotecsurveys.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/4d9d960abde3135573c5710721d2054b.png”, “url”: “https:\/\/www.ransomware.live\/id\/R2VvdGVjIFN1cnZleXNAcWlsaW4=”, “victim”: “Geotec Surveys” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-07 18:14:04.848008”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=7cd3db5c-d36a-37c6-bdaf-abd8daac311c”, “country”: “US”, “description”: “N\/A”, “discovered”: “2026-03-07 18:14:21.742628”, “domain”: “www.artemedica.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/b7f5a4bd7c24550f1b1dc75f14267f94.png”, “url”: “https:\/\/www.ransomware.live\/id\/QXJ0ZW1lZGljYUBxaWxpbg==”, “victim”: “Artemedica” }, { “activity”: “Consumer Services”, “attackdate”: “2026-03-07 18:13:23.228649”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=4143509c-5888-304e-b429-f619e32068af”, “country”: “CA”, “description”: “N\/A”, “discovered”: “2026-03-07 18:13:42.266314”, “domain”: “www.kuzcolighting.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/3c56f9fbd8643cf98cc82da35cec5dcf.png”, “url”: “https:\/\/www.ransomware.live\/id\/S3V6Y28gTGlnaHRpbmdAcWlsaW4=”, “victim”: “Kuzco Lighting” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 12:36:14.655160”, “claim_url”: “http:\/\/longcc4fqrfcqt5lzceutylaxir6h66fp6df3oin6mvwvz6pfdbxc6qd.onion\/blog\/404e2516d4022752f93dc9844fb4712339199312accc129b66a85bcb379cda09\/”, “country”: “”, “description”: “Sileno Companies Inc. A US company primarily operating in the hospitality and real estate sectors, its activities include: Hotel operation Property management Management of hotels’ restaurants and bars Hospitality project development 22.9TB was encrypted in 14 hours on 3\/5\/2026 More than 67.07 GB was extracted”, “discovered”: “2026-03-07 12:36:43.406701”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “tengu”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/80f3b5358fe042f7fc0dc072012470fd.png”, “url”: “https:\/\/www.ransomware.live\/id\/U2lsZW5vIENvbXBhbmllcyBJbmNAdGVuZ3U=”, “victim”: “Sileno Companies Inc” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 10:06:50.030419”, “claim_url”: “https:\/\/handala-hack.to\/handala-new-telegram\/”, “country”: “”, “description”: “Please Join and Share https:\/\/t.me\/HANDALA_HPR2 https:\/\/t.me\/HANDALA_HPR2 https:\/\/t.me\/HANDALA_HPR2”, “discovered”: “2026-03-07 10:07:03.496603”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/7ede4ff8a81b75b562b8ef0eed7f8ea8.png”, “url”: “https:\/\/www.ransomware.live\/id\/SGFuZGFsYSBOZXcgVGVsZWdyYW1AaGFuZGFsYQ==”, “victim”: “Handala New Telegram” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 08:27:22.700727”, “claim_url”: “”, “country”: “”, “description”: “Johnson Vollmerhausen & Gates provides professional accounting, tax, and advisory services tailored to the needs of both individuals and businesses.”, “discovered”: “2026-03-07 08:27:25.983164”, “domain”: “jvgasheville.com”, “duplicates”: [], “extrainfos”: [], “group”: “AiLock”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 08:27:03”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Sm9obnNvbiBWb2xsbWVyaGF1c2VuICYgR2F0ZXNAQWlMb2Nr”, “victim”: “Johnson Vollmerhausen & Gates” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 08:26:59.105898”, “claim_url”: “”, “country”: “BE”, “description”: “Netwerk NV is part of the Korevaar Group. Their services range from container cleaning to waste management and pest control.”, “discovered”: “2026-03-07 08:27:00.707121”, “domain”: “netwerknv.nl”, “duplicates”: [], “extrainfos”: [], “group”: “AiLock”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 08:26:39”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TmV0d2VyayBOVkBBaUxvY2s=”, “victim”: “Netwerk NV” }, { “activity”: “Telecommunication”, “attackdate”: “2026-03-07 08:26:34.724892”, “claim_url”: “”, “country”: “CA”, “description”: “Eeyou Communications Network operates a regional fibre optic network serving the James Bay and Eeyou Istchee regions, providing ultra-high-speed internet since 2004.”, “discovered”: “2026-03-07 08:26:37.066199”, “domain”: “eeyou.ca”, “duplicates”: [], “extrainfos”: [], “group”: “AiLock”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 08:26:15”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RWV5b3UgQ29tbXVuaWNhdGlvbnMgTmV0d29ya0BBaUxvY2s=”, “victim”: “Eeyou Communications Network” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-07 07:01:10.606950”, “claim_url”: “http:\/\/om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion\/r\/urjTEjedClIgCF6GFmWJODZWgv5xfGCnkGC78L8zGGtcB6TZahspTAhavRX3CLLwBW54ls7lHCh9lESj9N1GhRRWZKQ3NQ”, “country”: “US”, “description”: “A major leak of smiles.”, “discovered”: “2026-03-07 07:01:45.997981”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “anubis”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/bae9b8b7a6ddaf1a8fe538e51c4d152e.png”, “url”: “https:\/\/www.ransomware.live\/id\/TGFkdWUgRmFtaWx5IERlbnRhbEBhbnViaXM=”, “victim”: “Ladue Family Dental” }, { “activity”: “Agriculture and Food Production”, “attackdate”: “2026-03-07 02:38:39.567933”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=2f133f2f-3a52-4efa-8bd9-42fadf0d63d6”, “country”: “US”, “description”: “Northern Family Farms, located in Merrillan, WI, has been a trusted wholesale supplier of Christmas trees and nursery plants since 1955. They offer a variety of products including Fraser Fir, Balsam Fir, White Pine, and numerous types of nursery plants such as fruits, topiaries, and shrubs. The company serves distributors and businesses across the country, ensuring top-quality plants for retail and landscaping needs. With a commitment to customer satisfaction, they invite potential clients to tour their facilities in West Central Wisconsin.”, “discovered”: “2026-03-07 02:41:29.492734”, “domain”: “www.northernfamilyfarms.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/69438a53b930051a9732d37c155d68b7.png”, “url”: “https:\/\/www.ransomware.live\/id\/Tm9ydGhlcm4gRmFtaWx5IEZhcm1zQGRyYWdvbmZvcmNl”, “victim”: “Northern Family Farms” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=cee2911a-b96a-3fb9-98d8-5e9641bdd79c”, “country”: “”, “description”: “N\/A”, “discovered”: “2026-03-07 07:39:56.291469”, “domain”: “www.afdl.law”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/9fa6e7d3ae6ebfe1b0c2691c77dbd9ed.png”, “url”: “https:\/\/www.ransomware.live\/id\/QUZETEBxaWxpbg==”, “victim”: “AFDL” }, { “activity”: “Not Found”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/0fc724d1b71a64ccedc\/”, “country”: “US”, “description”: “Provides comprehensive medical practice management”, “discovered”: “2026-03-07 11:41:03.997042”, “domain”: “sierramanagementgroup.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:40:25”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/ecd1e585d5c86b340dc75efcb78baf54.png”, “url”: “https:\/\/www.ransomware.live\/id\/U2llcnJhIE1hbmFnZW1lbnQgR3JvdXBAZ2VuZXNpcw==”, “victim”: “Sierra Management Group” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/6243244f2cab542be965\/”, “country”: “US”, “description”: “A provider of RCM and billing services”, “discovered”: “2026-03-07 11:41:44.412034”, “domain”: “onesourcemg.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:41:08”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/040d96a2bce99630a6a859e9c8201cb7.png”, “url”: “https:\/\/www.ransomware.live\/id\/T25lU291cmNlIE1lZGljYWwgR3JvdXBAZ2VuZXNpcw==”, “victim”: “OneSource Medical Group” }, { “activity”: “Business Services”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/6962c55a25d2e9b34b4d\/”, “country”: “US”, “description”: “A law firm based in Atlanta, Georgia”, “discovered”: “2026-03-07 11:42:24.573952”, “domain”: “sanderslegalgroup.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:41:49”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/e81bd09b57a52ff4b441268060827b82.png”, “url”: “https:\/\/www.ransomware.live\/id\/U2FuZGVycyBMZWdhbCBHcm91cEBnZW5lc2lz”, “victim”: “Sanders Legal Group” }, { “activity”: “Financial Services”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/74334afe71750e09b8d2\/”, “country”: “US”, “description”: “A full service CPA firm”, “discovered”: “2026-03-07 11:43:04.232802”, “domain”: “cfa-oc.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:42:28”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/be2c9d151ae7336019e1dfbeefc70bfa.png”, “url”: “https:\/\/www.ransomware.live\/id\/Q29ybmVyc3RvbmUgRmluYW5jaWFsIEFkdmlzb3JzLCBJTkNAZ2VuZXNpcw==”, “victim”: “Cornerstone Financial Advisors, INC” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/da29fb1f818a057026e0\/”, “country”: “US”, “description”: “An eye care center in Brooklyn, NY”, “discovered”: “2026-03-07 11:43:43.105645”, “domain”: “brightoneye.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:43:08”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/91dba562a0440505056910aa1fe6971e.png”, “url”: “https:\/\/www.ransomware.live\/id\/QnJpZ2h0b24gRXllQGdlbmVzaXM=”, “victim”: “Brighton Eye” }, { “activity”: “Public Sector”, “attackdate”: “2026-03-07 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/f5ba1939019c35515efe\/”, “country”: “US”, “description”: “A City of Hart local municipal organization”, “discovered”: “2026-03-07 11:44:24.412149”, “domain”: “cityofhart.org”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:43:47”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/fda17942a61af9629f914df1f87daca3.png”, “url”: “https:\/\/www.ransomware.live\/id\/Q2l0eSBvZiBIYXJ0QGdlbmVzaXM=”, “victim”: “City of Hart” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 21:18:38.551040”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=1plJRgJtcSdsIy”, “country”: “NO”, “description”: “United States”, “discovered”: “2026-03-06 21:19:15.021087”, “domain”: “www.tasolberg.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/edf05ce5ab7c8e5132154c1b22ef4073.png”, “url”: “https:\/\/www.ransomware.live\/id\/VCBhIFNvbGJlcmdAcGxheQ==”, “victim”: “T a Solberg” }, { “activity”: “Construction”, “attackdate”: “2026-03-06 21:18:00.724530”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=SBNsa7PSlMd9kJ”, “country”: “US”, “description”: “United States”, “discovered”: “2026-03-06 21:18:37.002185”, “domain”: “www.donebowerinc.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/b61f24438b6e0f8a916790669077abeb.png”, “url”: “https:\/\/www.ransomware.live\/id\/RG9uIEUgQm93ZXJAcGxheQ==”, “victim”: “Don E Bower” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 21:17:23.053768”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=qkfztvmjkLedjg”, “country”: “US”, “description”: “United States”, “discovered”: “2026-03-06 21:17:59.032243”, “domain”: “www.designtoprint.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c8f21884640ba6356e6202d06ba140ed.png”, “url”: “https:\/\/www.ransomware.live\/id\/RGVzaWduIFRvIFByaW50QHBsYXk=”, “victim”: “Design To Print” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 21:16:44.704248”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=EiqIqtwLJKHxVG”, “country”: “CA”, “description”: “Canada”, “discovered”: “2026-03-06 21:17:20.865023”, “domain”: “www.selecttool.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/6cd7f53bba8408d9e629eb337b2408bb.png”, “url”: “https:\/\/www.ransomware.live\/id\/U2VsZWN0IFRvb2xAcGxheQ==”, “victim”: “Select Tool” }, { “activity”: “Transportation\/Logistics”, “attackdate”: “2026-03-06 21:16:05.763235”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=VOUsVjOQTGOOS”, “country”: “US”, “description”: “United States”, “discovered”: “2026-03-06 21:16:43.025730”, “domain”: “www.dfwaero.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/83a10a25c8a444107ef792d7344ed31f.png”, “url”: “https:\/\/www.ransomware.live\/id\/REZXIEFlcm8gTWVjaGFuaXhAcGxheQ==”, “victim”: “DFW Aero Mechanix” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 21:15:23.317379”, “claim_url”: “http:\/\/k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion\/topic.php?id=5AizpEry3cHwPX”, “country”: “”, “description”: “United States”, “discovered”: “2026-03-06 21:16:01.252566”, “domain”: “www.garlandwilliamscpa.com”, “duplicates”: [], “extrainfos”: [], “group”: “play”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/02532c84eeaed0f81f0d56796b56d497.png”, “url”: “https:\/\/www.ransomware.live\/id\/R2FybGFuZCBXaWxsaWFtcyAmIEFzc29jaWF0ZXNAcGxheQ==”, “victim”: “Garland Williams & Associates” }, { “activity”: “Business Services”, “attackdate”: “2026-03-06 20:34:01.139454”, “claim_url”: “http:\/\/hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion\/post\/3C0rfFnfAHHIhykeiIlUmmRKk0l6iVJD”, “country”: “US”, “description”: “NELSON Worldwide is an award-winning firm delivering architecture, interior design, graphic design, and brand strategy services that transform all dimensions of the human experience, providing our clients with strategic and creative solutions that positively impact their lives and the environments w\u2026”, “discovered”: “2026-03-06 20:34:14.317693”, “domain”: “www.nelsonworldwide.com”, “duplicates”: [], “extrainfos”: { “data_size”: “400 GB” }, “group”: “chaos”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8684d887b91689b2349d99a3486f3a3b.png”, “url”: “https:\/\/www.ransomware.live\/id\/bmVsc29ud29ybGR3aWRlLmNvbUBjaGFvcw==”, “victim”: “nelsonworldwide.com” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 19:52:10.671568”, “claim_url”: “http:\/\/safepaypfxntwixwjrlcscft433ggemlhgkkdupi2ynhtcmvdgubmoyd.onion\/blog\/post\/smileteamcomau\/”, “country”: “AU”, “description”: “Is a privately owned Australian healthcare company specialising in orthodontic treatment and dental alignment services. The organisation was founded around \u2026”, “discovered”: “2026-03-06 19:52:25.913311”, “domain”: “smileteam.com.au”, “duplicates”: [], “extrainfos”: [], “group”: “safepay”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 19:51:51”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/5256a05d96a72088ee4ffc0f29d19fdb.png”, “url”: “https:\/\/www.ransomware.live\/id\/c21pbGV0ZWFtLmNvbS5hdUBzYWZlcGF5”, “victim”: “smileteam.com.au” }, { “activity”: “Technology”, “attackdate”: “2026-03-06 19:48:26.758166”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=5fbb9177-fe17-3632-a0db-6f59a5a97a0a”, “country”: “CA”, “description”: “N\/A”, “discovered”: “2026-03-06 19:48:42.375843”, “domain”: “www.wisl.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/130770f8305283cbbc64c73be23bc38f.png”, “url”: “https:\/\/www.ransomware.live\/id\/V2F0ZXJsb28gSW5mb3JtYXRpb24gU3lzdGVtc0BxaWxpbg==”, “victim”: “Waterloo Information Systems” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 19:47:08.855661”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=124e84cb-b657-3990-a820-31f2eb4c89b7”, “country”: “DE”, “description”: “N\/A”, “discovered”: “2026-03-06 19:47:24.066597”, “domain”: “www.asb-saarland.de”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/81ec521837abee69f339f88ea1140844.png”, “url”: “https:\/\/www.ransomware.live\/id\/QVNCIFNhYXJsYW5kQHFpbGlu”, “victim”: “ASB Saarland” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 19:46:32.029039”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=0c94668c-bc5d-32bb-8728-36747b6e24b4”, “country”: “GB”, “description”: “N\/A”, “discovered”: “2026-03-06 19:46:46.646385”, “domain”: “www.albany-pumps.co.uk”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/b53b63860bf9a51fd7ee2a07369d3621.png”, “url”: “https:\/\/www.ransomware.live\/id\/QWxiYW55IFB1bXBzQHFpbGlu”, “victim”: “Albany Pumps” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 19:45:52.617900”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=5e40020a-bbb1-3f38-975e-a023c092e5b5”, “country”: “”, “description”: “N\/A”, “discovered”: “2026-03-06 19:46:09.814114”, “domain”: “www.hlssystems.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/2de4ab94cd4023d66c300613cc13277e.png”, “url”: “https:\/\/www.ransomware.live\/id\/SCAmIEwgU3lzdGVtc0BxaWxpbg==”, “victim”: “H & L Systems” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 19:29:15.000000”, “claim_url”: “https:\/\/handala-hack.to\/idf-in-farsi-hacked\/”, “country”: “IR”, “description”: “Tonight, the silence of the Persian pages of the Zionist army has been broken. Handala Hack is here; this time not for a warning, but for proof. All confidential information from Israeli army accounts has fallen into our hands. Now, 26 pages of individuals connected to the Zionist army in the Axis of Resistance countries\u2026”, “discovered”: “2026-03-06 20:39:50.844555”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/f54755a74279b5d4a2e00e5f7e2f136e.png”, “url”: “https:\/\/www.ransomware.live\/id\/SURGIGluIEZhcnNpQGhhbmRhbGE=”, “victim”: “IDF in Farsi” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 19:23:31.000000”, “claim_url”: “http:\/\/tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion”, “country”: “CO”, “description”: “gerleinco.com zoominfo.com\/c\/gerleinco-sa\/430010238 Gerleinco is a leading logistics service provider in Colombia, established in 1916, specializing in container control, multimodal transport, and project logistics. The company offers reliable and dynamic services through innovative technological developments and a dedicated professional team. Gerleinco serves various clients in key ports and commercial cities across the country. Their commitment to effective logistics ensures fulfillment of client needs in a responsible manner”, “discovered”: “2026-03-06 19:58:17.342671”, “domain”: “gerleinco.com”, “duplicates”: [], “extrainfos”: [], “group”: “thegentlemen”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 19:56:55”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8c47959c80ef37fb0095eb6ecb94c7a8.png”, “url”: “https:\/\/www.ransomware.live\/id\/R2VybGVpbmNvQHRoZWdlbnRsZW1lbg==”, “victim”: “Gerleinco” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 19:19:48.000000”, “claim_url”: “http:\/\/tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion”, “country”: “TH”, “description”: “LAF Hotel is a millennial-focused hotel located in Bangkok, Thailand, on Soi Phahol Yothin 5. Positioned as a place \”to live and to have fun it offers affordable accommodation and is highly recommended by 94% of its reviewers based on 240 reviews.”, “discovered”: “2026-03-06 19:59:21.910198”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “thegentlemen”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8c47959c80ef37fb0095eb6ecb94c7a8.png”, “url”: “https:\/\/www.ransomware.live\/id\/TEFGIEhvdGVsIEFyZWVAdGhlZ2VudGxlbWVu”, “victim”: “LAF Hotel Aree” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 19:14:46.000000”, “claim_url”: “http:\/\/tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion”, “country”: “LB”, “description”: “maliagroup.com zoominfo.com\/c\/malia-group\/347685476 Malia Group is a multifaceted organization comprising 21 companies that operate across six sectors, including consumer goods distribution, technology solutions, fashion, engineering and contracting, and hospitality and real estate. With a strong presence in Lebanon, Iraq, and the UAE, the group is committed to excellence in the creation, production, and timely delivery of goods and services. Over the past 80 years, Malia Group has built a portfolio of 60 brands and established partnerships with 50 leading multinationals, making it a preferred choice in the region. The company promotes cultural and social diversity while fostering an environment of transparency, empowerment, and innovation among its employees”, “discovered”: “2026-03-06 20:00:46.265228”, “domain”: “maliagroup.com”, “duplicates”: [], “extrainfos”: [], “group”: “thegentlemen”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 19:59:24”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8c47959c80ef37fb0095eb6ecb94c7a8.png”, “url”: “https:\/\/www.ransomware.live\/id\/TWFsaWEgR3JvdXBAdGhlZ2VudGxlbWVu”, “victim”: “Malia Group” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 19:12:46.000000”, “claim_url”: “http:\/\/tezwsse5czllksjb7cwp65rvnk4oobmzti2znn42i43bjdfd2prqqkad.onion”, “country”: “”, “description”: “nephkc.com zoominfo.com\/c\/nephrology-associates\/469726875 Nephrology Associates prides itself on providing the highest quality of care for patients with kidney disorders in the Kansas City area”, “discovered”: “2026-03-06 20:01:41.917409”, “domain”: “nephkc.com”, “duplicates”: [], “extrainfos”: [], “group”: “thegentlemen”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 20:00:50”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8c47959c80ef37fb0095eb6ecb94c7a8.png”, “url”: “https:\/\/www.ransomware.live\/id\/TmVwaHJvbG9neSBBc3NvY2lhdGVzQHRoZWdlbnRsZW1lbg==”, “victim”: “Nephrology Associates” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 18:12:02.906130”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=ad77927d-b337-3e49-b3e1-4d2c51958d40”, “country”: “DE”, “description”: “N\/A”, “discovered”: “2026-03-06 18:12:39.330112”, “domain”: “www.suchthilfe-direkt.de”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/a5d13fd8b5ff3edf1fedf7f9d523deed.png”, “url”: “https:\/\/www.ransomware.live\/id\/U3VjaHRoaWxmZSBkaXJla3QgRXNzZW4gZ0dtYkhAcWlsaW4=”, “victim”: “Suchthilfe direkt Essen gGmbH” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 17:37:28.552092”, “claim_url”: “http:\/\/ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion\/news\/Hyundai_Elevator\/”, “country”: “KR”, “description”: “[AI generated] Hyundai Elevator Co., Ltd is a South Korean company specializing in the production of elevators, escalators, and related equipment. Established in 1984, Hyundai Elevator is a part of the Hyundai Group. It offers comprehensive services that include designing, manufacturing, installing and maintaining a variety of systems including moving walkways, dumbwaiters, and parking systems. It operates mainly in the domestic market but has expanded globally.”, “discovered”: “2026-03-06 17:38:33.569271”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “everest”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SHl1bmRhaSBFbGV2YXRvckBldmVyZXN0”, “victim”: “Hyundai Elevator” }, { “activity”: “Construction”, “attackdate”: “2026-03-06 14:17:05.835688”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=5f1b0fc5-f63e-455d-945f-62600ce2b103”, “country”: “US”, “description”: “R&C Fence, Inc. is a locally owned and operated company that has been providing custom-built fence installation services for both commercial and residential clients since 1970. With an in-house fabrication shop, they are equipped to handle complex fencing projects while ensuring high quality and service excellence. Their experienced staff offers guidance on various fencing materials and installation solutions tailored to client needs. They serve the Fort Wayne area and surrounding regions, including South Bend, Auburn, and Warsaw”, “discovered”: “2026-03-06 14:37:59.670993”, “domain”: “www.randcfence.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/674e9f700c5268ef2638b274864636b1.png”, “url”: “https:\/\/www.ransomware.live\/id\/UiZDIEZlbmNlLCBJbmMuQGRyYWdvbmZvcmNl”, “victim”: “R&C Fence, Inc.” }, { “activity”: “Energy”, “attackdate”: “2026-03-06 13:40:49.643426”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=8fd986b3-a624-47a9-8699-8a25b8a175f2”, “country”: “US”, “description”: “Graham County Electric is committed to provide members with affordable cost effective energy solutions.”, “discovered”: “2026-03-06 17:37:05.110490”, “domain”: “www.gce.coop”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/ae2ed23e1c84ef5ac7960975a3d20935.png”, “url”: “https:\/\/www.ransomware.live\/id\/R3JhaGFtIENvdW50eSBFbGVjdHJpYyBDb29wZXJhdGl2ZUBkcmFnb25mb3JjZQ==”, “victim”: “Graham County Electric Cooperative” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 13:39:39.000000”, “claim_url”: “https:\/\/handala-hack.to\/sanzer-hasidic-community-hacked\/”, “country”: “”, “description”: “In the name of freedom and under the shadow of the oppressed\u2019s revenge, The Sanzer Hasidic community, which has always portrayed witchcraft as a reprehensible and undesirable act, has now itself turned to performing superstitious and magical rituals after receiving substantial amounts of money from Benjamin Netanyahu, the defeated and desperate Prime Minister of the\u2026”, “discovered”: “2026-03-06 16:10:45.535556”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c88ce91de3f65a0a11dd9b4f285091aa.png”, “url”: “https:\/\/www.ransomware.live\/id\/U2FuemVyIEhhc2lkaWMgY29tbXVuaXR5QGhhbmRhbGE=”, “victim”: “Sanzer Hasidic community” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 12:35:53.421031”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=f4f816cb-3775-4e04-9b57-adc716231dbb”, “country”: “US”, “description”: “Advanced Rehabilitation Technology (ART) specializes in state-of-the-art no-dig technology solutions aimed at protecting and extending the life of critical infrastructure. The company offers innovative products and services for the rehabilitation of water and wastewater structures, including manholes, stormwater culverts, and potable water systems. ART’s solutions are designed to be cost-effective and long-lasting, addressing issues such as corrosion and structural integrity while ensuring compliance with health standards. Their intended clients include municipalities and industries seeking to maintain and enhance their infrastructure without the need for extensive excavation”, “discovered”: “2026-03-06 13:09:07.660363”, “domain”: “artcoatingtech.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 13:08:13”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/8b48a6c733d005e92b4cf2fbf31a61d5.png”, “url”: “https:\/\/www.ransomware.live\/id\/QWR2YW5jZWQgUmVoYWJpbGl0YXRpb24gVGVjaG5vbG9neSAoQVJUKUBkcmFnb25mb3JjZQ==”, “victim”: “Advanced Rehabilitation Technology (ART)” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 12:31:25.054297”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=c5f5dff0-ec33-40e4-b412-cb3fe1774967”, “country”: “US”, “description”: “The Delventhal Company offers a wide range of construction and management services including general contracting, construction management, design-build, and real estate services. They cater to industries such as healthcare, financial, commercial\/retail, education, and industrial, providing personalized solutions to meet unique client needs. Their commitment to quality and service is evident in their extensive portfolio of successful projects across various sectors. The company prides itself on being dependable, flexible, and credible, aiming to empower clients throughout the construction process”, “discovered”: “2026-03-06 13:10:02.004855”, “domain”: “www.thedelventhalco.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/02a950adddcc9d31212f78161c0e5bda.png”, “url”: “https:\/\/www.ransomware.live\/id\/VGhlIERlbHZlbnRoYWwgQ29tcGFueUBkcmFnb25mb3JjZQ==”, “victim”: “The Delventhal Company” }, { “activity”: “Construction”, “attackdate”: “2026-03-06 11:29:09.788868”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=d9ea51a7-c164-45be-a61a-42bcc2337168”, “country”: “US”, “description”: “Numerous data items, including financial and project details, were leaked from servers located at the company’s headquarters in Florida, Maryland, and North Carolina.\n\nC.A. Lindman, Inc., founded in 1990, has grown from a small restoration company with less than 10 employees, into one of the top 20 national firms specializing in exterior concrete and masonry repairs over the last 30 years. The founders, Rob Pusheck and Jeff Procter, have kept Lindman focused on meeting all of their clients\u2019 needs and expectations. The \u201cLindman Difference\u201d is the company\u2019s motto and delivering this superior service is the company-wide goal every day.”, “discovered”: “2026-03-06 11:42:46.201987”, “domain”: “www.calindman.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/ed5915b133b7a4a6c6d48f2eeef4be38.png”, “url”: “https:\/\/www.ransomware.live\/id\/Qy5BLiBMSU5ETUFOIEluYy5AZHJhZ29uZm9yY2U=”, “victim”: “C.A. LINDMAN Inc.” }, { “activity”: “Construction”, “attackdate”: “2026-03-06 11:15:16.484586”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=88339e7d-bc4e-42e1-9245-880c41d297ca”, “country”: “GB”, “description”: “ICS Electrical Services is a Cincinnati based electrical contracting company that has been specializing in complex industrial installations since 1997. We provide a unique approach to the many facets of the industrial market that set us apart from the rest. Our services include full service electrical installations, outage and startup support, PLC system upgrades, instrumentation installation & Calibration, electrical design-build, UL Listed control panel assembly, automation & programming, and maintenance & repairs.”, “discovered”: “2026-03-06 11:43:39.304748”, “domain”: “icselectricalservices.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 11:42:49”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c2c1a340d0e342e32fd9e661bf4956f0.png”, “url”: “https:\/\/www.ransomware.live\/id\/SUNTIEVsZWN0cmljYWwgU2VydmljZXNAZHJhZ29uZm9yY2U=”, “victim”: “ICS Electrical Services” }, { “activity”: “Construction”, “attackdate”: “2026-03-06 11:11:23.362875”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=f6241c85-a021-430e-bf37-4ff37c7d1025”, “country”: “US”, “description”: “A.C. Scott Electric Company was established in 1967 by Dexter C. Ricker and Frederik C. Nielsen as a partnership. On May 14, 1968 the company succeeded to incorporate. With the resignation of Dexter C. Ricker in 1984, Frederik C. Nielsen and his wife, Maiken Nielsen obtained 100% ownership of the corporation. From this point forward, A.C. Scott Electric Co., Inc. was operated as a \”family-owned\” small business enterprise in the State of New Jersey. Frederik and Maiken retired from the day to day operation of the corporation in 1999, relinquishing ownership and operational control to their son, Michael C. Nielsen.”, “discovered”: “2026-03-06 11:44:34.154783”, “domain”: “www.acscottelectric.com”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/70d0403a74702c6614699a711242247d.png”, “url”: “https:\/\/www.ransomware.live\/id\/QSBDIFNjb3R0IEVsZWN0cmljQGRyYWdvbmZvcmNl”, “victim”: “A C Scott Electric” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 11:06:31.731643”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=22ad8a65-7051-4bab-92f6-d8d08ed2dfec”, “country”: “US”, “description”: “North Central HIDTA is a federal program aimed at uniting federal, state, local, and tribal law enforcement agencies to combat drug trafficking activities in Minnesota and Wisconsin. By creating multi-agency task forces, the initiative works to reduce significant drug threats and enhance community safety. The organization focuses on intelligence sharing and coordinated law enforcement strategies to disrupt drug trafficking organizations and related violence. Additionally, North Central HIDTA provides targeted training for public safety and health professionals to further support drug enforcement and treatment efforts.”, “discovered”: “2026-03-06 11:45:29.857985”, “domain”: “www.northcentralhidta.org”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/350b9f1fd6a775015eaed8be4c34e6bd.png”, “url”: “https:\/\/www.ransomware.live\/id\/Tm9ydGggQ2VudHJhbCBISURUQUBkcmFnb25mb3JjZQ==”, “victim”: “North Central HIDTA” }, { “activity”: “Financial Services”, “attackdate”: “2026-03-06 09:53:17.736835”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=cbecddcb-d860-33d2-9751-674a496c81be”, “country”: “US”, “description”: “N\/A”, “discovered”: “2026-03-06 09:53:35.016524”, “domain”: “www.edgaragents.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/46ae750add40e22821ec2a439a4423cb.png”, “url”: “https:\/\/www.ransomware.live\/id\/RWRnYXIgQWdlbnRzQHFpbGlu”, “victim”: “Edgar Agents” }, { “activity”: “Education”, “attackdate”: “2026-03-06 07:35:50.472630”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=0cdb3d55-953a-4378-8702-8a5c5d8ce98b”, “country”: “GB”, “description”: “Salford City College is one of the largest further education providers in Greater Manchester. It was established in 2009 following a merger between several predecessor colleges.”, “discovered”: “2026-03-06 09:12:05.994422”, “domain”: “salfordcc.ac.uk”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 09:11:17”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/cd5325a4bd9c46144327f483ab8f250e.png”, “url”: “https:\/\/www.ransomware.live\/id\/c2FsZm9yZGNjLmFjLnVrQGRyYWdvbmZvcmNl”, “victim”: “salfordcc.ac.uk” }, { “activity”: “Technology”, “attackdate”: “2026-03-06 07:29:00.000000”, “claim_url”: “http:\/\/incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion\/blog\/disclosures\/69a1b8458f1d14b7434b2a2b”, “country”: “US”, “description”: “PACE Pacific Corporation is a Native American woman-owned small business that specializes in general contracting services in Arizona and New Mexico. Established in 1991, the company provides ground-up construction services for a diverse range of clients, including state, local, federal, tribal entities, and private developers. PACE offers comprehensive capabilities such as Construction Management, Self-Performing Concrete Division, and Design-Build Services, while maintaining a commitment to quality and a trained professional team. With extensive experience in sectors like education, healthcare, and military facilities, PACE aims to exceed client expectations as both a prime and subcontractor\r Employees: 200 \r Revenue: $13.2 Million\r Industry: Construction Management \r Phone Number: (602) 437-8729”, “discovered”: “2026-03-06 07:35:30.126963”, “domain”: “pacepacific.com”, “duplicates”: [], “extrainfos”: [], “group”: “incransom”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 07:35:01”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c4a4d7313d60b3b6b421b39185411671.png”, “url”: “https:\/\/www.ransomware.live\/id\/cGFjZXBhY2lmaWMuY29tQGluY3JhbnNvbQ==”, “victim”: “pacepacific.com” }, { “activity”: “Financial Services”, “attackdate”: “2026-03-06 03:47:28.888668”, “claim_url”: “”, “country”: “US”, “description”: “Over 800k records containing PII and other internal corporate data have been compromised. This is a final warning to reach out by 09 Mar 2026 before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline. | Updated: 06 Mar 2026 | Warning: FINAL WARNING”, “discovered”: “2026-03-06 03:47:31.065245”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “shinyhunters”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q0ZHSSBNYW5hZ2VtZW50LCBMTEMuQHNoaW55aHVudGVycw==”, “victim”: “CFGI Management, LLC.” }, { “activity”: “Financial Services”, “attackdate”: “2026-03-06 03:47:25.622990”, “claim_url”: “”, “country”: “US”, “description”: “Salesforce records were compromised and other internal corporate data have been compromised. The company failed to reach an agreement with us despite all the chances and offers we made. They don’t care about their clients nor investors. | Size: 15GB (compressed) | Updated: 06 Mar 2026 | SHA256: 6377f58fe8229bc376bbcf6acc32d00cdfb0ac415b8660106f29ca14fa6d0561”, “discovered”: “2026-03-06 03:47:26.930244”, “domain”: “Pathstone.com”, “duplicates”: [], “extrainfos”: [], “group”: “shinyhunters”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/UGF0aHN0b25lLmNvbUBzaGlueWh1bnRlcnM=”, “victim”: “Pathstone.com” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 03:10:45.156125”, “claim_url”: “”, “country”: “KR”, “description”: “Price ??? Disclosures 0\/1”, “discovered”: “2026-03-06 03:10:46.154419”, “domain”: “myfair.co”, “duplicates”: [], “extrainfos”: [], “group”: “killsec”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 03:10:25”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TXlGYWlyQGtpbGxzZWM=”, “victim”: “MyFair” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 03:10:21.679189”, “claim_url”: “”, “country”: “US”, “description”: “Price ??? Disclosures 0\/1”, “discovered”: “2026-03-06 03:10:22.802641”, “domain”: “medicalgpt.info”, “duplicates”: [], “extrainfos”: [], “group”: “killsec”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 03:10:02”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TWVkaWNhbEdQVEBraWxsc2Vj”, “victim”: “MedicalGPT” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 03:09:58.356470”, “claim_url”: “”, “country”: “US”, “description”: “Price ??? Disclosures 0\/1”, “discovered”: “2026-03-06 03:09:59.337281”, “domain”: “yurdriversnetwork.com”, “duplicates”: [], “extrainfos”: [], “group”: “killsec”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 03:09:39”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/eXVyZHJpdmVyc25ldHdvcmtAa2lsbHNlYw==”, “victim”: “yurdriversnetwork” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “”, “country”: “”, “description”: “Siwax Group specializes in the design and production of high-qual\nity waxes, emulsions, and hotmelts for various industries. Their \nextensive product range caters to sectors such as packaging, food\n, rubber, surface treatments, and cosmetics.\n\nWe will upload 13gb of corporate data soon. Employee personal doc\numents (passports other personal docs and scans), financials, fil\nes with Volkswagen and Renault names and so on, projects, contrac\nts and agreements, NDAs, etc.\n”, “discovered”: “2026-03-06 13:03:00.779797”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2l3YXggU3BlY2lhbHRpZXMgR3JvdXBAYWtpcmE=”, “victim”: “Siwax Specialties Group” }, { “activity”: “Not Found”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “”, “country”: “DE”, “description”: “W.AG Funktion Design GmbH specializes in the production of cust\nomized high-quality cases that act as brand ambassadors for vario\nus industries.\n\nWe will upload 50gb of corporate data soon. Employee personal doc\numents (German passports, medical information and other docs), pr\nojects, contracts and agreements, NDAs, etc.\n”, “discovered”: “2026-03-06 13:03:04.619050”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/V0FHIEZ1bmt0aW9uIERlc2lnbkBha2lyYQ==”, “victim”: “WAG Funktion Design” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “Verdugo Tool and Engineering specializes in sheet metal stamping \nparts, serving industries including aerospace, defense, automotiv\ne, medical, and commercial for over 50 years. They offer a one-st\nop shop for all sheet metal needs, providing services such as too\nl and die design, laser cutting, metal stamping, and various valu\ne-added services.\n\nWe will upload 10gb of corporate data soon. Employee personal doc\numents, HR files, projects, contracts and agreements, confidentia\nlity agreements, NDAs, etc.\n”, “discovered”: “2026-03-06 13:03:08.777351”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VmVyZHVnbyBUb29sICYgRW5naW5lZXJpbmdAYWtpcmE=”, “victim”: “Verdugo Tool & Engineering” }, { “activity”: “Telecommunication”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=dff04a2c-3922-3de4-8145-ebeebbe9d770”, “country”: “MG”, “description”: “N\/A”, “discovered”: “2026-03-06 19:48:00.719103”, “domain”: “www.orange.mg”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/3e391aa267429f3bab5b159921da0784.png”, “url”: “https:\/\/www.ransomware.live\/id\/T3JhbmdlIE1hZGFnYXNjYXJAcWlsaW4=”, “victim”: “Orange Madagascar” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/1ca8fe3a546e93a71932\/”, “country”: “US”, “description”: “A non-profit organization”, “discovered”: “2026-03-07 11:45:07.799596”, “domain”: “nadap.org”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:44:29”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/31b610a580360d9d5dd9da606702d205.png”, “url”: “https:\/\/www.ransomware.live\/id\/TkFEQVBAZ2VuZXNpcw==”, “victim”: “NADAP” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-06 00:00:00.000000”, “claim_url”: “http:\/\/genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion\/8a6750dcebd3a0fd2bbd\/”, “country”: “US”, “description”: “A leader in flow control technology and valves, specializing in HVAC and irrigation applications”, “discovered”: “2026-03-07 11:45:50.705849”, “domain”: “griswoldcontrols.com”, “duplicates”: [], “extrainfos”: [], “group”: “genesis”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 11:45:12”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/ca4323ffe65715180f724d5b4125fcdc.png”, “url”: “https:\/\/www.ransomware.live\/id\/R3Jpc3dvbGQgQ29udHJvbHNAZ2VuZXNpcw==”, “victim”: “Griswold Controls” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-05 18:37:43.765852”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=c3257305-2da8-35c5-aa85-b36c833f78cc”, “country”: “DE”, “description”: “N\/A”, “discovered”: “2026-03-05 18:38:00.857168”, “domain”: “www.nopa-valves.de”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c7a977f7c15c2fb78b951f9093b8f2f8.png”, “url”: “https:\/\/www.ransomware.live\/id\/Tm9wYSBJbmR1c3RyaWVhcm1hdHVyZW5AcWlsaW4=”, “victim”: “Nopa Industriearmaturen” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 18:36:27.637639”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=8d371143-900b-34e3-8d18-53a7f2defb2d”, “country”: “IL”, “description”: “N\/A”, “discovered”: “2026-03-05 18:36:43.989724”, “domain”: “www.elcsecurity.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/3e61361f30ff236ac852d7c3d89f4957.png”, “url”: “https:\/\/www.ransomware.live\/id\/RUxDIFNlY3VyaXR5IFByb2R1Y3RzQHFpbGlu”, “victim”: “ELC Security Products” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 18:35:48.401133”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=f69fd746-ad09-31ed-bb8b-209421d85dc5”, “country”: “CA”, “description”: “N\/A”, “discovered”: “2026-03-05 18:36:05.192683”, “domain”: “www.lococos.ca”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/7e7872bc5f9934a36f6f064ea2ad7820.png”, “url”: “https:\/\/www.ransomware.live\/id\/QSBMb2NvY28gV2hvbGVzYWxlQHFpbGlu”, “victim”: “A Lococo Wholesale” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 18:35:06.359492”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=8a394eb9-484e-3476-97e2-305ab9d9c3d2”, “country”: “NL”, “description”: “N\/A”, “discovered”: “2026-03-05 18:35:26.060320”, “domain”: “www.abutriek.be”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/d0b6029241154b17d5b3459c3716d2b4.png”, “url”: “https:\/\/www.ransomware.live\/id\/QWJ1dHJpZWtAcWlsaW4=”, “victim”: “Abutriek” }, { “activity”: “Energy”, “attackdate”: “2026-03-05 17:02:52.876741”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=0209ba19-6b23-3516-ac35-2972c5c5667b”, “country”: “US”, “description”: “N\/A”, “discovered”: “2026-03-05 17:03:10.645202”, “domain”: “www.tvec.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/cb0bc86a03d10c8d5266ab6bc566775a.png”, “url”: “https:\/\/www.ransomware.live\/id\/VGVubmVzc2VlIFZhbGxleSBFbGVjdHJpYyBDb29wZXJhdGl2ZUBxaWxpbg==”, “victim”: “Tennessee Valley Electric Cooperative” }, { “activity”: “Financial Services”, “attackdate”: “2026-03-05 16:27:05.678816”, “claim_url”: “https:\/\/handala-hack.to\/atlas-insurances-ltd-hacked\/”, “country”: “IL”, “description”: “In our ongoing efforts to confront the support networks of the Zionist occupation regime, Handala Hack has successfully targeted a key economic pillar of this regime in the field of marine insurance. Atlas Insurances Ltd (\u05d0\u05d8\u05dc\u05e1 \u05d1\u05d9\u05d8\u05d5\u05d7\u05d9\u05dd), which for decades has acted as the primary insurer of the Zionist regime\u2019s maritime fleet and the transfer\u2026”, “discovered”: “2026-03-05 16:27:23.782319”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/dae2f9c4e9f898f7dc7f57f33c028580.png”, “url”: “https:\/\/www.ransomware.live\/id\/QXRsYXMgSW5zdXJhbmNlcyBMdGRAaGFuZGFsYQ==”, “victim”: “Atlas Insurances Ltd” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 13:32:00.000000”, “claim_url”: “http:\/\/incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion\/blog\/disclosures\/69a9f6838f1d14b7434f3234”, “country”: “US”, “description”: “North Star Insurance Advisors is the leading final expense telesales company in America, dedicated to serving the senior market, agents, and partners. The company offers innovative training, a competitive compensation structure, and limitless growth opportunities for agents and partners. With over 40 years of combined experience, North Star utilizes proprietary technology to assist families with their final expense needs. As a purpose-driven organization, they prioritize people and aim to provide valuable resources to navigate life’s challenges.\r Employees: 200\r Revenue: $44.9 Million\r Industry: Insurance\r Phone Number: (636) 205-5005”, “discovered”: “2026-03-05 22:28:44.341177”, “domain”: “northstaria.com”, “duplicates”: [], “extrainfos”: [], “group”: “incransom”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-05 22:28:12”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/9b559e19b703882b7a8f3b93a26a4255.png”, “url”: “https:\/\/www.ransomware.live\/id\/bm9ydGhzdGFyaWEuY29tQGluY3JhbnNvbQ==”, “victim”: “northstaria.com” }, { “activity”: “Agriculture and Food Production”, “attackdate”: “2026-03-05 13:23:16.050525”, “claim_url”: “http:\/\/fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion\/companies\/jbs”, “country”: “BR”, “description”: “JBS Brazil is a multinational food company primarily engaged in the production and processing of meat, including beef, poultry, and pork. It operates globally, offering a wide range of food product…”, “discovered”: “2026-03-05 13:23:30.414299”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “coinbasecartel”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/0a5f7f0f0d0f98bb87d49310d9d547e2.png”, “url”: “https:\/\/www.ransomware.live\/id\/SkJTIEJyYXppbCAtIFdlIGhhdmUgM1RCIG9mIHlvdXIgZGF0YUBjb2luYmFzZWNhcnRlbA==”, “victim”: “JBS Brazil – We have 3TB of your data” }, { “activity”: “Construction”, “attackdate”: “2026-03-05 11:59:43.556696”, “claim_url”: “”, “country”: “EG”, “description”: “[AI generated] Rowad Modern Engineering is an Egypt-based construction firm specializing in the implementation and delivery of various construction projects. The company offers services ranging from civil engineering and construction management to project costing and risk management. It has a prominent role in constructing infrastructure, roads, commercial, and residential buildings.”, “discovered”: “2026-03-05 11:59:47.015114”, “domain”: “www.rowad-rme.com”, “duplicates”: [], “extrainfos”: { “size”: “” }, “group”: “crypto24”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Um93YWQgTW9kZXJuIEVuZ2luZWVyaW5nQGNyeXB0bzI0”, “victim”: “Rowad Modern Engineering” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 10:10:00.000000”, “claim_url”: “http:\/\/incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion\/blog\/disclosures\/69a9caa98f1d14b7434b8533”, “country”: “US”, “description”: “Parker Lipman LLP is a premiere Denver personal injury law firm working for years, protecting the rights of the injured. Call our experienced attorneys for representation in personal injury and accidents.”, “discovered”: “2026-03-05 18:59:56.313942”, “domain”: “parkerlipman.com”, “duplicates”: [], “extrainfos”: [], “group”: “incransom”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-05 18:59:00”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/78c9cb6af474a9abd1781979836e3782.png”, “url”: “https:\/\/www.ransomware.live\/id\/cGFya2VybGlwbWFuLmNvbUBpbmNyYW5zb20=”, “victim”: “parkerlipman.com” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “http:\/\/tridentfrdy6jydwywfx4vx422vnto7pktao2gyx2qdcwjanogq454ad.onion\/article\/d8954d9b-f2a1-48c0-bfa3-dc4579a7c4cd”, “country”: “US”, “description”: “[AI generated] Jameson Pepple Cantu PLLC is a boutique law firm located in Houston, Texas. This firm provides a broad range of legal services but specializes in areas related to business such as Corporate Law, Real Estate, Mergers and Acquisitions, and Securities. The team, made up of experienced professionals, prides themselves in their dedicated and personalized approach to each client’s legal needs.”, “discovered”: “2026-03-05 08:23:57.245431”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “tridentlocker”, “screenshot”: “https:\/\/images.ransomware.live\/victims\/0ca0fa44d5141dacb03c0d4b99c76716.png”, “url”: “https:\/\/www.ransomware.live\/id\/SmFtZXNvbiBQZXBwbGUgQ2FudHUgUExMQ0B0cmlkZW50bG9ja2Vy”, “victim”: “Jameson Pepple Cantu PLLC” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “DesignSourceCT is Connecticut’s largest and most comprehensive de\nsigner showroom, established in 2005, catering to trade professio\nnals and their clients. The showroom offers a thoughtfully curate\nd selection of high-quality home furnishings, including fabric, f\nurniture, flooring, and more from trusted brand names.\n\nWe will upload corporate data soon. Projects, contracts, clients \ndocs and so on.\n”, “discovered”: “2026-03-05 13:19:17.780288”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RGVzaWduU291cmNlQ1RAYWtpcmE=”, “victim”: “DesignSourceCT” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “DE”, “description”: “Trionex Achats specializes in the manufacturing and repair of hyd\nraulic and pneumatic cylinders, as well as providing hydraulic se\nrvices and engineering solutions. Their product offerings include\na wide range of hydraulic components, pumps, filtration systems,\nand pneumatic equipment, catering to various industries such as \nmining, forestry, and industrial sectors.\n\nWe will upload corporate data soon. Personal files of employees (\npassport and DLs, SSNs and so on), financials, project documentat\nion, contracts and agreements, NDAs, clients contacts and so on.\n”, “discovered”: “2026-03-05 13:19:21.460653”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VHJpb25leEBha2lyYQ==”, “victim”: “Trionex” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=8b635233-e793-31b3-83e1-4bae8ca3d614”, “country”: “US”, “description”: “N\/A”, “discovered”: “2026-03-05 14:05:53.572480”, “domain”: “www.kands.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SyAmIFMgQ29tcGFueSwgSW5jQHFpbGlu”, “victim”: “K & S Company, Inc” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “DE”, “description”: “Schaltbau develops and manufactures electromechanical components \nand innovative driver’s desks for railways and industry. Since 19\n29, the company has been responsible for the safe operation of ra\nil services, and today the company protect systems in industrial \napplications for renewable energy, e-mobility, and automation.\n\nWe will upload 20gb of corporate data soon. Employee passports an\nd other personal docs scans, lots of projects, specifications, co\nntracts, internal confidential files, clients docs and so on.\n”, “discovered”: “2026-03-05 14:48:43.595633”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U2NoYWx0YmF1QGFraXJh”, “victim”: “Schaltbau” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “CA”, “description”: “Rosenberg Vend\u00f4me specializes in ventilation solutions, offering \ncustomized design and manufacturing services. They provide techni\ncal support tailored to meet the specific needs of their clients,\nensuring energy-efficient and effective ventilation systems.\n\nWe will upload 16gb of corporate data soon. Employee passports an\nd other scanned docs, HR files, projects, contracts and agreement\ns, clients docs and contacts, NDAs, etc.\n”, “discovered”: “2026-03-05 16:19:12.095649”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RWNvZml0QGFraXJh”, “victim”: “Ecofit” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “JP”, “description”: “Donjon Pte Ltd, established in 2003, specializes in Mechanical an\nd Electrical Engineering, offering services such as electrical en\ngineering, renewable engineering, generator supply, service and m\naintenance, annual shutdowns, integrated building services, and a\nir-conditioning and mechanical ventilation.\n\nWe will upload 58gb of corporate data soon. Employee personal doc\numents, HR files, lots of drawings and specifications, projects, \ncontracts and agreements, internal confidential files, clients do\ncs, NDAs, etc.\n”, “discovered”: “2026-03-05 16:19:16.575275”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/RG9uam9uQGFraXJh”, “victim”: “Donjon” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “”, “description”: “Applied Products, Inc. is a leading supplier of high-performance,\npressure-sensitive adhesives for various OEM industries such as \nHVAC, construction, automotive, and appliance manufacturing.\n\nWe will upload corporate data soon. Employee passports, DLs, proj\nects, confidential agreements, clients docs, NDAs, etc.\n”, “discovered”: “2026-03-05 16:19:22.003870”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “akira”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QXBwbGllZCBQcm9kdWN0c0Bha2lyYQ==”, “victim”: “Applied Products” }, { “activity”: “Healthcare”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “http:\/\/ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion\/site\/view?uuid=0388f261-0e78-39aa-90e6-9f31c9b21ce4”, “country”: “KR”, “description”: “N\/A”, “discovered”: “2026-03-05 18:37:21.088518”, “domain”: “en.cdoracleclinic.com”, “duplicates”: [], “extrainfos”: [], “group”: “qilin”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-05 18:36:46”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/afa58f9c0f7ef6dbb3d18f6a42504adc.png”, “url”: “https:\/\/www.ransomware.live\/id\/Q2hlb25nZGFtIE9yYWNsZUNsaW5pY0BxaWxpbg==”, “victim”: “Cheongdam OracleClinic” }, { “activity”: “Not Found”, “attackdate”: “2026-03-05 00:00:00.000000”, “claim_url”: “”, “country”: “”, “description”: “Data is not available now.”, “discovered”: “2026-03-06 15:09:27.267860”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/QioqICpyKnQqKnIqICppKiAqKnMqKipzIG9mICoqKnRlKiogKmkqKm8qKmlAbmlnaHRzcGlyZQ==”, “victim”: “B** *r*t**r* *i* **s***s of ***te** *i**o**i” }, { “activity”: “Technology”, “attackdate”: “2026-03-04 23:59:00.000000”, “claim_url”: “http:\/\/incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion\/blog\/disclosures\/69a38f9b8f1d14b7436e50f9”, “country”: “US”, “description”: “Pigler Automation specializes in Industrial Automation System Integration, helping clients streamline and modernize their operations to enhance efficiency and productivity. Their services include control system consultation, project planning, and support for various industries such as biopharma, oil and gas, and energy. With over 20 years of experience, their team of certified engineers offers expertise in SCADA design, PLC programming, and system integration. Pigler Automation aims to bridge the gap between legacy systems and cutting-edge automation, ensuring clients can optimize performance and stay ahead of industry challenges.\r Employees: 50 \r Revenue: $5 Million\r Industry: Industrial Machinery & Equipment\r Phone Number: (866) 871-1456\r “, “discovered”: “2026-03-05 02:13:27.137324”, “domain”: “piglerautomation.com”, “duplicates”: [], “extrainfos”: [], “group”: “incransom”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-05 02:12:49”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/c702b187d6d8494760c95ef2203ce651.png”, “url”: “https:\/\/www.ransomware.live\/id\/cGlnbGVyYXV0b21hdGlvbi5jb21AaW5jcmFuc29t”, “victim”: “piglerautomation.com” }, { “activity”: “Public Sector”, “attackdate”: “2026-03-04 19:15:38.000000”, “claim_url”: “https:\/\/handala-hack.to\/israel-institute-for-national-security-studies-inss-hacked\/”, “country”: “IL”, “description”: “INSS Hacked Your national security is built on deception, media manipulation, and the brainwashing of Jews. How did your national security institution imagine it could end the war in just a few days? But this time is different, and there will be no end. This is a war between good and evil, and all the\u2026”, “discovered”: “2026-03-04 20:15:44.168104”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “handala”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/SXNyYWVsIEluc3RpdHV0ZSBmb3IgTmF0aW9uYWwgU2VjdXJpdHkgU3R1ZGllcyAoSU5TUylAaGFuZGFsYQ==”, “victim”: “Israel Institute for National Security Studies (INSS)” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-04 11:48:37.957456”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=ebf6297c-a24f-49a2-978b-707ddca6585b”, “country”: “”, “description”: “Environmental Air, Inc. has been a trusted provider of Sheet Metal Fabrication, Custom Ductwork Fittings, Welding, and HVAC Installation services for over 40 years in Pittsburgh and Western Pennsylvania. They specialize in product design, fabrication, installation, and testing, catering to various sectors, including hospitals, institutional buildings, and retail spaces. The company prides itself on its experience, quality, and value. Their facility is equipped to handle immediate project fabrication and delivery needs”, “discovered”: “2026-03-04 20:13:06.389462”, “domain”: “www.env-air.net”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/84250a406560172ae69bf02bfa8327a6.png”, “url”: “https:\/\/www.ransomware.live\/id\/RW52aXJvbm1lbnRhbCBBaXJAZHJhZ29uZm9yY2U=”, “victim”: “Environmental Air” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-04 11:04:35.798510”, “claim_url”: “http:\/\/z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion\/blog\/?post_uuid=087abc8c-c252-4bed-afce-b6fc1e03a699”, “country”: “TR”, “description”: “Tenteks specializes in high-quality awning and shading systems, offering a wide range of models suitable for various applications. The company provides solutions such as bioclimatic pergolas, motorized systems, and other bespoke designs, catering to the needs of both residential and commercial clients. Their products are designed to enhance comfort and aesthetic appeal, making them ideal for hotels, restaurants, pools, balconies, and patios. Operating since 1989, Tenteks is recognized for its durable offerings that comply with European standards, ensuring client satisfaction across multiple countries.”, “discovered”: “2026-03-04 18:38:21.707069”, “domain”: “www.tenteks.com.tr”, “duplicates”: [], “extrainfos”: [], “group”: “dragonforce”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/b66d259d984b396b10ee3865aaa393e2.png”, “url”: “https:\/\/www.ransomware.live\/id\/VGVudGVrcyBUZW50ZUBkcmFnb25mb3JjZQ==”, “victim”: “Tenteks Tente” }, { “activity”: “Manufacturing”, “attackdate”: “2026-03-04 09:29:00.000000”, “claim_url”: “http:\/\/incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion\/blog\/disclosures\/69a86c0b8f1d14b743f6d074”, “country”: “US”, “description”: “Saturn Machine is a leading designer and manufacturer of equipment for major steel companies in North America, specializing in steel fabrication, machining, laser processing, and sandblasting. The company prides itself on delivering high-quality products and problem-solving solutions, supported by a team of skilled professionals and advanced machinery. With capabilities in mechanical and electrical engineering, hydraulic system design, and welding fabrication, Saturn Machine aims to expand its services to a broader client base. Their commitment to customer satisfaction and excellence in design sets them apart in the steel products manufacturing industry.\r Employees: 50\r Revenue: $6 Million\r Industry: Industrial Machinery & Equipment\r Phone Number: (270) 333-2104”, “discovered”: “2026-03-04 18:40:59.961197”, “domain”: “saturnmachine.net”, “duplicates”: [], “extrainfos”: [], “group”: “incransom”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-04 18:40:28”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/166e50764c6231e85f16f2347c86d914.png”, “url”: “https:\/\/www.ransomware.live\/id\/c2F0dXJubWFjaGluZS5uZXRAaW5jcmFuc29t”, “victim”: “saturnmachine.net” }, { “activity”: “Not Found”, “attackdate”: “2026-03-04 00:00:00.000000”, “claim_url”: “”, “country”: “”, “description”: “Data is not available now.”, “discovered”: “2026-03-05 04:11:04.123609”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TipYKioqICoqIEkqKnIqKioqYyoqKipAbmlnaHRzcGlyZQ==”, “victim”: “N*X*** ** I**r****c****” }, { “activity”: “Not Found”, “attackdate”: “2026-03-04 00:00:00.000000”, “claim_url”: “”, “country”: “”, “description”: “Data is not available now.”, “discovered”: “2026-03-05 12:39:18.433843”, “domain”: “”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/KiphKioqKnQgKioqZWwqKioqKnQgR3IqdXAgTCoqQG5pZ2h0c3BpcmU=”, “victim”: “**a****t ***el*****t Gr*up L**” }, { “activity”: “Not Found”, “attackdate”: “2026-03-04 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “Data is not available now.”, “discovered”: “2026-03-07 13:40:56.542296”, “domain”: “www.stalwartdg.com”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/U3RhbHdhcnQgRGV2ZWxvcG1lbnQgR3JvdXAgTExDQG5pZ2h0c3BpcmU=”, “victim”: “Stalwart Development Group LLC” }, { “activity”: “Technology”, “attackdate”: “2026-03-03 00:00:00.000000”, “claim_url”: “http:\/\/pearsmob5sn44ismokiusuld34pnfwi6ctgin3qbvonpoob4lh3rmtqd.onion\/Companies\/interactts”, “country”: “EG”, “description”: “Leading company in providing the latest technologies and business solutions”, “discovered”: “2026-03-06 11:14:50.785062”, “domain”: “interactts.com”, “duplicates”: [], “extrainfos”: { “Activity”: “Business Services”, “Revenue”: “$55.1M”, “Status”: “announced” }, “group”: “pear”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-06 11:14:16”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/1e33c4306d315cd8bfc3032183aa960f.png”, “url”: “https:\/\/www.ransomware.live\/id\/SU5URVJBQ1QgVEVDSE5PTE9HWSBTT0xVVElPTlNAcGVhcg==”, “victim”: “INTERACT TECHNOLOGY SOLUTIONS” }, { “activity”: “Not Found”, “attackdate”: “2026-03-02 00:00:00.000000”, “claim_url”: “http:\/\/pearsmob5sn44ismokiusuld34pnfwi6ctgin3qbvonpoob4lh3rmtqd.onion\/Companies\/cticoordinators”, “country”: “US”, “description”: “Freight transportation services throughout the United States and province of Ontario Canada”, “discovered”: “2026-03-05 12:41:05.250124”, “domain”: “cticoordinators.com”, “duplicates”: [], “extrainfos”: { “Activity”: “Transportation Services”, “Revenue”: “$16M”, “Status”: “announced” }, “group”: “pear”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-05 12:40:32”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/6e6886c47442b8e307037c2211dfa7a8.png”, “url”: “https:\/\/www.ransomware.live\/id\/Q1RJICYgQ29vcmRpbmF0b3JzQHBlYXI=”, “victim”: “CTI & Coordinators” }, { “activity”: “Transportation\/Logistics”, “attackdate”: “2026-02-24 00:00:00.000000”, “claim_url”: “”, “country”: “LT”, “description”: “Data is not available now.”, “discovered”: “2026-03-07 01:47:37.646052”, “domain”: “magneta.lt”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 01:47:17”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/TUFHTkVUQSBMT0dJU1RJQ1MsIFVBQkBuaWdodHNwaXJl”, “victim”: “MAGNETA LOGISTICS, UAB” }, { “activity”: “Not Found”, “attackdate”: “2026-02-18 00:00:00.000000”, “claim_url”: “”, “country”: “ES”, “description”: “- Internal Documents- Financial Data”, “discovered”: “2026-03-05 06:42:30.325497”, “domain”: “www.klein.pro”, “duplicates”: [], “extrainfos”: { “data_size”: “150GB” }, “group”: “nightspire”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/S0xFSU4gSUJFUklDQSBTQUBuaWdodHNwaXJl”, “victim”: “KLEIN IBERICA SA” }, { “activity”: “Technology”, “attackdate”: “2026-02-18 00:00:00.000000”, “claim_url”: “”, “country”: “DE”, “description”: “Data is not available now.”, “discovered”: “2026-03-07 00:15:57.052257”, “domain”: “www.thallos.ag”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/dGhhbGxvcyBBR0BuaWdodHNwaXJl”, “victim”: “thallos AG” }, { “activity”: “Public Sector”, “attackdate”: “2026-02-18 00:00:00.000000”, “claim_url”: “http:\/\/termiteuslbumdge2zmfmfcsrvmvsfe4gvyudc5j6cdnisnhtftvokid.onion\/post\/69ab564cc3aeb8d444652359”, “country”: “”, “description”: “Founded in 1871, the City of Huntington is located in western West Virginia. It is the county seat of Cabell County and also stretches into Wayne County.\n”, “discovered”: “2026-03-07 00:25:55.876181”, “domain”: “www.cityofhuntington.com”, “duplicates”: [], “extrainfos”: [], “group”: “termite”, “infostealer”: “”, “press”: { “link”: “https:\/\/www.ransomware.live\/id\/Y2l0eW9maHVudGluZ3Rvbi5jb21AMjAyNi0wMi0xOA==”, “source”: “https:\/\/dysruptionhub.com\/huntington-wv-cyber-incident\/”, “summary”: “La ville de Huntington, en Virginie-Occidentale, a d\u00e9tect\u00e9 une activit\u00e9 suspecte et a isol\u00e9 ses syst\u00e8mes pour enqu\u00eater sur une faille de s\u00e9curit\u00e9. Les autorit\u00e9s travaillent avec l’agence de cybers\u00e9curit\u00e9 pour d\u00e9terminer l’ampleur de l’incident. Les d\u00e9tails sur l’intrusion et les cons\u00e9quences sont encore inconnus.” }, “screenshot”: “https:\/\/images.ransomware.live\/victims\/9bfa050ea73b6423bdf0bc5d0d6250eb.png”, “url”: “https:\/\/www.ransomware.live\/id\/Q2l0eSBvZiBIdW50aW5ndG9uQHRlcm1pdGU=”, “victim”: “City of Huntington” }, { “activity”: “Healthcare”, “attackdate”: “2026-02-15 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “Data is not available now.”, “discovered”: “2026-03-07 01:47:14.165899”, “domain”: “www.11thstvet.com”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “infostealer”: “”, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/MTF0aCBTdHJlZXQgVmV0ZXJpbmFyeSBIb3NwaXRhbEBuaWdodHNwaXJl”, “victim”: “11th Street Veterinary Hospital” }, { “activity”: “Not Found”, “attackdate”: “2026-02-10 00:00:00.000000”, “claim_url”: “”, “country”: “US”, “description”: “Data is not available now.”, “discovered”: “2026-03-07 03:14:07.142617”, “domain”: “cpgcanhelp.com”, “duplicates”: [], “extrainfos”: [], “group”: “nightspire”, “infostealer”: { “employees”: 0, “employees_url”: 0, “infostealer_stats”: [], “thirdparties”: 0, “thirdparties_domain”: 0, “update”: “2026-03-07 03:13:46”, “users”: 0, “users_url”: 0 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/Q1BHIERvY3VtZW50YXRpb25AbmlnaHRzcGlyZQ==”, “victim”: “CPG Documentation” }, { “activity”: “Technology”, “attackdate”: “2025-03-29 02:38:20.000000”, “claim_url”: “”, “country”: “CN”, “description”: “Transsion Holdings is a diversified international telecommunications manufacturing company founded in 2006, specializing in mobility solutions with operations in over 50 countries globally.The data contains git, git-ai, vendor proprietary code, NDA documents, and other internal documents.”, “discovered”: “2026-03-06 05:51:09.709095”, “domain”: “transsion.com”, “duplicates”: [ { “attackdate”: “2025-03-29 02:38:20.000000”, “date”: “2026-03-06 05:51:09.781254”, “group”: “hellcat”, “link”: “https:\/\/www.ransomware.live\/id\/VHJhbnNzaW9uIEhvbGRpbmdzQGhlbGxjYXQ=” } ], “extrainfos”: [], “group”: “AiLock”, “infostealer”: { “employees”: 23, “employees_url”: 12, “infostealer_stats”: { “Azorult”: 14, “CRYPTBOT”: 6, “Lumma”: 1058, “Raccoon”: 260, “RedLine”: 1366, “StealC”: 228, “UNKNOWN”: 22, “Vidar”: 76 }, “thirdparties”: 381, “thirdparties_domain”: 59, “update”: “2025-03-29 04:19:50”, “users”: 1774, “users_url”: 100 }, “press”: null, “screenshot”: “”, “url”: “https:\/\/www.ransomware.live\/id\/VHJhbnNzaW9uQEFpTG9jaw==”, “victim”: “Transsion” }, { “activity”: “Energy”, “attackdate”: “2025-02-19 00:00:00.000000”, “claim_url”: “http:\/\/hptqq2o2qjva7lcaaq67w36jihzivkaitkexorauw7b2yul2z6zozpqd.onion\/post\/Ximk9LkDWjtu9BOA7qEnm12Dam4VhCRi”, “country”: “US”, “description”: “Crescent is a growth-oriented U.S. independent energy company engaged in the acquisition, development and operation of oil and natural gas properties. Crescents portfolio of low-decline, cash-flow oriented assets comprises both mid-cycle unconventional and conventional assets with a long reserve lif\u2026”, “discovered”: “2026-03-07 13:02:42.696348”, “domain”: “www.zoominfo.com\/c\/crescent-energy\/560087910”, “duplicates”: [ { “attackdate”: “2025-02-19 00:00:00.000000”, “date”: “2026-03-07 13:02:42.856542”, “group”: “thegentlemen”, “link”: “https:\/\/www.ransomware.live\/id\/VW5pdmVyc2lkYWRlIEZlZGVyYWwgZGUgU2VyZ2lwZUB0aGVnZW50bGVtZW4=” } ], “extrainfos”: { “data_size”: “410 GB” }, “group”: “chaos”, “infostealer”: “”, “press”: null, “screenshot”: “https:\/\/images.ransomware.live\/victims\/17a98e495f26cd229055be988bb936ba.png”, “url”: “https:\/\/www.ransomware.live\/id\/Y3Jlc2NlbnRlbmVyZ3ljby5jb21AY2hhb3M=”, “victim”: “crescentenergyco.com” } ]