Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Shadowbyt3$

| Active | RaaS

ShadowByt3$ is a ransomware-as-a-service group first observed in October 2025, using multi-method extortion and communicating via Telegram and Tox, with a very small confirmed victim list suggesting it remains in early-stage operation.

Victims
8
 
First Discovered
2026-02-25
victim
Last Discovered
2026-05-21
victim
Inactive Since
10
days
Avg Delay
29
days
Infostealer
57.1%
victims with domain
Countries
4
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
+500% vs last month
Exclusive interview with the ransomware group ShadowByt3$ from the CyberSecurityIL Telegram Channel — ransomware-interviews.base44.app
Known Locations (4)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Leaks No 2026-05-24T06:07:15 mfbbt65kir2drc7tuoukwibikgvxquauscnzgbeltkmidjtgqlzm2qad.onion
favicon ShadowByt3$ No 2026-04-28T07:28:57 shadowbyt3s.8bit.ca
favicon SB | DDOS SHIELD Yes 2026-05-31T10:36:11 NGINX nginx 52rtvdymcqvebbamd3la3wtu3ofrcuzuzja3vrsu6wiyrq223osptzqd.onion
favicon SB | Data Leak Site Yes 2026-05-31T10:36:52 NGINX nginx shdwbt3ja2ptjt6poluegas44i35727lgmoqqquoww642x3zyocyhuqd.onion
Target
Top 5 Activity Sectors
  • Hospitality and Tourism 3
  • Education 3
  • Technology 1
Top 5 Countries
  • US flag United States 3
  • IN flag India 2
  • GB flag United Kingdom 1
  • SG flag Singapore 1
Heatmap
YARA Rules (1)
Victims (8)
Logo
Hotelogix Company (Hotelogix.com) IN
Shadowbyt3$
Discovered: 2026-05-21 (10d ago)
Should've not messed with us Hotelogix. We gave you guys numerous times to reach back and proceed wi…
Logo
StarBucks Company (StarBucks.com US
Shadowbyt3$
Discovered: 2026-05-21 (10d ago)  ·  Attack est.: 2026-04-01
StarBucks Failed to reach out to us and didn't pay even $500,000 when we know they can afford it. It…
Logo
PowerCampus IN
Shadowbyt3$
Discovered: 2026-05-14 (16d ago)
Cloud-based school management and collaboration platform targeting educational institutes in India, …
Logo
Stride Learning US
Shadowbyt3$
Discovered: 2026-05-14 (16d ago)
Stride Learning Should've Paid the ransom. We were only asking $500,000 in bitcoin or monero it's no…
Logo
Amplify Technology GB
Shadowbyt3$
Discovered: 2026-05-14 (16d ago)
Amplify technology has been a victim of an attack. There project they were working on with the pakis…
Logo
University Of Georgia US
Shadowbyt3$
Discovered: 2026-05-14 (16d ago)
ShadowByt3$ has breached University of Georgia. The full data is on are leak site. We stole approxim…
Logo
Hotelogix SG
Shadowbyt3$
Discovered: 2026-05-14 (16d ago)
We are ShadowByt3$. We have claimed responsibility for hacking Hotelogix. They have been breached th…
Logo
UMSA
Shadowbyt3$
Discovered: 2026-02-25 (3mo ago)  ·  Attack est.: 2026-02-17
File: UMSA_LEAK.7z…