The ransomware claim identifies tengu as the threat actor behind an attack on Shora Advisory, a Morocco-based network of accounting, consulting, and auditing firms. The incident targets Shora Advisory across major Moroccan cities, disrupting its financial management, accounting, legal and tax services #Morocco
Category: Ransom Monitor
GrayMatter, a Bangalore-based IT company specializing in data analytics, AI, and BI with flagship products like Skateboard and StoreSense, is the alleged victim of a ransomware operation attributed to Sinobi. The claim indicates the incident impacted operations in the United Kingdom #UnitedKingdom
Sinobi claims to have compromised Gentegra, a US-based company that specializes in RNA and DNA sample stabilization, and to have stolen sensitive research and customer data. The threat actor threatens to publish the stolen data or encrypt systems unless a ransom is paid, potentially disrupting sample management operations. #UnitedStates
Ransomware claim alleges Electriduct, a US-based cable management solutions provider, was targeted by the Sinobi threat actor. The claim describes operational disruptions and potential data exposure as Sinobi negotiates ransom with Electriduct. #UnitedStates
Saltech Systems, a US-based technology company with offices in Iowa and Texas, reports a ransomware claim attributed to the threat actor Sinobi, alleging that its networks were encrypted and data may be exposed unless a ransom is paid. The claim designates the United States as the impacted country and highlights Saltech’s services in application development, IT support, cybersecurity, and cloud hosting #UnitedStates
The ransomware claim by threat actor handala alleges they exposed “The General in the Shadows: Sapir’s Commander Exposed” and frames Sapir as the ultra-classified crisis-management system that links the army, Mossad, Shin Bet, and the Prime Minister’s Office in times of war or national emergency. It portrays Sapir as an “impenetrable fortress” and suggests a breach of national security leadership as part of the claimed impact.
#Israel
A ransomware claim attributed to the threat actor ransomhouse targets the Warren County Sheriff’s Office in Kentucky, described as a professional law enforcement agency dedicated to protecting residents and visitors. The claim involves an ‘Internal database pack 4’ and notes potential data exposure across the office’s wide range of duties, including civil process, emergency response, and public safety initiatives. #countryUnitedStates
A ransomware claim targets aircotedivoire.com in ZA and attributes the attack to the threat actor incransom, established in 2012. Air Côte d’Ivoire offers direct and frequent flights and is based in Abidjan, Ivory Coast #SouthAfrica
A ransomware claim targets American Piping & Boiler Co. in the United States and is attributed to the threat actor nightspire. Data is not available now. #UnitedStates
The ransomware group incransom claims to have exfiltrated and leaked 279 GB of VALGO SA data—comprising 225,372 files and 50,902 folders—from VALGO SAS’s French operations. The leak allegedly includes confidential client information, NDAs, contracts, invoicing, and other financial and project data, with victims including Renault Group and other notable clients. #France
The DragonForce ransomware claim targets CCR Solutions in Canada, threatening to release private materials, including compromising images of the company’s CEO. This extortion-based claim describes DragonForce as the threat actor seeking payment by exposing sensitive visuals and damaging the company’s reputation.
CCR Solutions is a diverse and talented group of problem solvers, imaginative thinkers and caring people united in our passion for technology and hospitality. We are devoted to assisting companies and individuals in telling their stories, educating others, inspiring change, celebrating, and shaping the future. We value teamwork, relationships, and commitment to excellence. At CCR Solutions, it’s all about people. Yours and ours. Combined we can create memorable events and experiences. With offices throughout North America, CCR Solutions is a privately owned company that has been in business since 1995. We remain true to our core values of Passion, Integrity, Accountability and Safety. Extensive training and ongoing development guarantee our team is at the forefront of the latest staging, audio-visual and computer technology trends. Ensuring this experience and knowledge is used to support you. We pride ourselves in diversity of thought, and a can-do attitude combined with creativity. #Canada
The ransomware claim targets the University of Mannheim in Germany and is attributed to the threat actor qilin. Details about the attack and ransom demands are not disclosed (N/A).
#Germany
Insomnia claims to have breached AdMark Asia Group, a leading Asia-wide executive search firm with offices in Hong Kong, Shanghai, and Tokyo, encrypting data and threatening its release. The incident is described as impacting operations in the United States, potentially exposing client and candidate information #UnitedStates
Spacebears claims to have targeted Elgon Cosmetic in Italy, exfiltrating sensitive data including company financial reports, medical records, personal user data, product formulas, and customer data. Elgon Cosmetic is an Italian-founded company established in 1970, with details available at https://elgoncosmetic.com #Italy
Genesis claims to have compromised Community Management Associates, a US-based organization serving residential and master-planned communities, town homes, mixed-use and commercial/retail properties. The group threatens to release sensitive data unless a ransom is paid. #UnitedStates