Ransom! Phi (JUL-2026)
Nova targeted Phi (PHI Studio) with ransomware and provided sample data purportedly stolen from the organization, insisting the victim engage their support to receive decryption help in exchange for additional requirements. The claim references international activity in virtual reality/extended reality studios, ending with: #unknown

Incident Details

  • Victim: Phi
  • Sector: Not Found
  • Country:
  • Actor: nova
  • Source: http://pifk3xu3vad6cuxsjll4qjomyaaaoyvnyqppro75pazadzctrrvpdnyd.onion/phi
  • Discovered: 2026-07-17T01:32:34.432625+00:00
  • Published: 2026-07-17T01:31:41.569147+00:00

Information

  • Focuses on presenting and curating immersive works in VR, AR, and XR.
  • Recognized locally and internationally for innovative production, technical expertise, and new storytelling formats.
  • Has collaborated with major global industry players and contributed to many award-winning projects.
  • Has presented work in cities including New York, Tokyo, Venice, Frankfurt, Luxembourg, and Salt Lake City.
  • Known as a pioneer in interactive experiences and for pushing the boundaries of immersive projects.
  • Emphasizes visitor experience through detailed design and high-quality scenography.
  • Maintains close collaborations with artists, creators, directors, and producers from diverse backgrounds.
  • Aims to drive innovation and support the development of current and future talent.
  • Nova said it will provide a tree and samples from stolen data when contacted through support.

Disclaimer: This post is based on public claims made by the ransomware group "nova". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.

monitored by: ransomware.live