Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Blacknevas / Trial recovery

Parent: trigona

| Active

BlackNevas is a ransomware group first observed in November 2024, believed to be derived from the Trigona ransomware family, targeting telecommunications, manufacturing, medical, and legal industries primarily in Asia-Pacific, the UK, Italy, and Lithuania using double-extortion with a dual AES/RSA encryption scheme.

Victims
31
 
First Discovered
2025-08-06
victim
Last Discovered
2026-04-30
victim
Inactive Since
13
days
Avg Delay
102.1
days
Infostealer
38.7%
victims with domain
Countries
15
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon DLS Yes 2026-05-13T16:40:36 NGINX nginx ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion
Target
Top 5 Activity Sectors
  • Manufacturing 7
  • Business Services 6
  • Consumer Services 5
  • Technology 5
  • Energy 2
Top 5 Countries
  • US flag United States 7
  • IN flag India 4
  • GB flag United Kingdom 3
  • ES flag Spain 3
  • IT flag Italy 2
Heatmap
YARA Rules (1)
Indicators of Compromise (IoCs) (27)
Hash SHA256 27
Type IOC
Hash SHA256 23642a78addcffd124db133a2dd2fcd2d1bdb060dd1e41da33cb18eec7a88867
Hash SHA256 2b9fe8a2629727470be1c928f7c9be7e2ea6cc22fb12f971902bf9cea8b16afb
Hash SHA256 360758c296310ba428d0d52c90e31c05fc43d5889282fa840283cf468f2378e8
Hash SHA256 3d09e930305cb3aa4ca54a39b0e3749f083d432f202606c8adac8455014b47fc
Hash SHA256 43f145fccec00f1e100ec3377eaf0ab60df3b9c5291b8011e05141cc04704be1
Hash SHA256 49fcbd606ff10d4661e222b8910ab7829d1668e3c97f1bab7eb51e8ec7d799a5
Hash SHA256 501821a19ccf59830789849beff94238736adb4b213870a511890c5c8efab2a6
Hash SHA256 623f3e98908962669e48edd414dbb67e9d4e204f677998fdcc9c2d790816a67f
Hash SHA256 713392f009bc133f24b3271379a4ac147e1a7782b6a1ac957c1fda69d676b550
Hash SHA256 840b1c580bfd15ca3eb1cc94cf479f63b93285d2599bc2e3cd361e3f5a340f19
Hash SHA256 8a2d6d27ffcc66400a640d3c9c9e6becb90c04c5bab452cac56f999c48a04d63
Hash SHA256 910cc03d64bf09f53cdf3b83068cc46368c23a061c2e1ed5df0e3a35d6c9e084
Hash SHA256 95e744ddcc2e8f89f6c6e25503eff2eb5e70e98f6989bb4a4e93f17b09448e78
Hash SHA256 9d9c146910f294b3e2a755f76e8066cd2edfac057ff54f00f405e2f9e8b9e51a
Hash SHA256 a0630e2a81775e8334ea9f8cac73cebf1b9a70507ea3347c0c2eba82c80219a6
Hash SHA256 a331504acf589be5d11202232a7a93eeb4fe6b053beea231d9a0a661bcaf3fd6
Hash SHA256 b0dfaf509de38749c49afcb3cd34d27126044bb77cc16896b02ebced6f95db02
Hash SHA256 b2353fce403b079735a606294c4ffc20a71f1c6b16ec15e94f554beafcddd1ea
Hash SHA256 bad3c2f72ef2be522a554a9615dc93027416a3d4048f77519fca5104fabba1f9
Hash SHA256 bf4adad2eb1163369c133ae61c181a3f91ef8640a457e9c4e72d77a60fbfa7ab
Hash SHA256 c08a752138a6f0b332dfec981f20ec414ad367b7384389e0c59466b8e10655ec
Hash SHA256 c0fc61631a20c373ce17e939e09cfb4f5179c9e0788e80079b4ee8986afe89bd
Hash SHA256 d953bce4d87f5837ce318481e3a1b6617cf64af976043d3b4b4866475bb31972
Hash SHA256 def75a41435dc28430097a7e116b2d17526ce2b0172995618f2749b0d732f7ea
Hash SHA256 e7706a633f24679c7550a31b96088dda8f772c98f64daee7cfbf0dc17a4a8338
Hash SHA256 eb8cbc4a0eae33bfdc4ecb99d033c81224b005e55588ceb86346f2b2d3fd790f
Hash SHA256 f25f76a85ded0d4d285d9ae5482d8fe07dade3e241853d00b17642d7873733e8
Victims (31)
Logo
PROMOSFERA S.R.l. IT
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2025-05-19
passports, employee and client documents, databases of promotional participants - hundreds of thousa…
Logo
KINAS SOLICITORS GB
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2025-06-09
In stock: 158930+ filedata size: 138+ GBClients' and companies' data. All accompanying documents for…
Logo
Paramount Health Services & Insurance TPA Pvt. Ltd IN
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2025-11-20
listing fileshttps://gofile.io/d/d34YJQThe website paramounttpa.com belongs to Paramount Health Serv…
Logo
The company MST (Sanko Makina and ASKO Holding) TR
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2026-03-17
The company MST (Sanko Makina and ASKO Holding) has direct and close ties to the Turkish defense ind…
Logo
E-CON Packaging Private Limited IN
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2026-03-21
312367 files300GBhttps://gofile.io/d/3nrP9GE-CON Packaging Private Limited,established in 1997 and b…
Logo
Heng An Standard Life Insurance HK
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2026-03-21
Downloaded:Complete Client Database: Unencrypted records containing full names, addresses, scanned i…
Logo
Carrera Casting Corp. US
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2026-03-21
• 3 terabytes of corporate data for free. Download it now while it's still available.• Please wait 2…
Logo
Bohmler Einrichtungshaus GmbH DE
Blacknevas
Discovered: 2026-04-30 (12d ago)  ·  Attack est.: 2026-04-13
First-class. Since 1875. For 150 years, we have stood for elegant and contemporary living: living co…
Logo
Applied LNG US
Blacknevas
Discovered: 2026-01-08 (4mo ago)  ·  Attack est.: 2025-12-22
file listing https://gofile.io/d/wsV8hlApplied LNG specializes in providing liquefied natural gas (L…
Logo
LATCOM AR
Blacknevas
Discovered: 2025-10-30 (6mo ago)  ·  Attack est.: 2025-10-19
LATCOM.com145146 files, 1TBhttps://gofile.io/d/xNrNCufile listing, we will provide any file from the…
Logo
Yateem Group BH
Blacknevas
Discovered: 2025-10-29 (6mo ago)  ·  Attack est.: 2023-04-24
500+ gigabytes and over 100,000+ files availableThe Yateem Group owns nearly 100 optical outlets in …
Logo
Trojan Construction & Holding Group AE
Blacknevas
Discovered: 2025-10-27 (6mo ago)  ·  Attack est.: 2025-10-21
Over 3 terabytes of project and financial reporting data for 2024–2025. https://gofile.io/d/4Uf42V F…
Logo
Undefasa ES
Blacknevas
Discovered: 2025-10-13 (7mo ago)  ·  Attack est.: 2025-10-09
Ceramicists since 1967We are a family-run business that was established in the heat of the Sierra, a…
Logo
T. Choithram And Sons, LLC US
Blacknevas
Discovered: 2025-10-07 (7mo ago)  ·  Attack est.: 2025-09-29
Choithrams is a prominent grocery retail chain and distributor in the UAE, Bahrain, Qatar, and Oman,…
Logo
Caresoft Global caresoftglobal.com US
Blacknevas
Discovered: 2025-09-29 (7mo ago)
Caresoft Global is a global engineering company specializing in solutions for the automotive, off-hi…
Logo
CARTONAJES BERNABEU SAU www.cartonajesbernabeu.com serviced by IT company Verne Group www.... ES
Blacknevas
Discovered: 2025-09-11 (8mo ago)  ·  Attack est.: 2025-09-09
serviced by IT company Verne Group www.vernegroup.com (Cybersecurity and monitoring)CARTONAJES BERNA…
Logo
OftalTech Solutions oftaltech.com US
Blacknevas
Discovered: 2025-09-06 (8mo ago)
OftalTech Solutions is a leading distributor of ophthalmic products, operating at both national and …
Logo
SISTRAN Consultores MX
Blacknevas
Discovered: 2025-09-01 (8mo ago)
538k files1.1TBlisting data https://gofile.io/d/r8a9GVThe company specializes in providing IT servic…
Logo
TOYOTA ASIA TOYOTA INDIA IN
Blacknevas
Discovered: 2025-08-28 (8mo ago)  ·  Attack est.: 2025-08-21
Hello,I think your IT service hid from you information about the hacking of your corporate network a…
Logo
Payme Ltd GB
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-24
Payme Ltd is a CIS payroll and contracting company with FCSA and professional passport accreditation…
Logo
LEARN is a Regional Educational Service Center US
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-21
LEARN is a Regional Educational Service Center working with and for its member districts to improve …
Logo
CLEARSYNTH LABS LIMITED IN
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-08
In stock: 2153940 filedata size: 762GB Developments, formulas, research on medicinal products Person…
Logo
PROMOSFERA S.r.l. promosfera.com IT
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-19
passports, employee and client documents, databases of promotional participants - hundreds of thousa…
Logo
Cash and carry - COSAEN GRUP ES
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-30
Cash and carry - COSAEN GRUPProfessionals in the food sectorюCosaen Grup SA has wholesale and retail…
Logo
KINAS SOLICITORS kinas.co.uk GB
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-06-09
In stock: 158930+ filedata size: 138+ GBClients' and companies' data. All accompanying documents for…
Logo
Quality Data Service, Inc. US
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-05-21
Today, we’re opening the auction.Over the past several weeks, we’ve completed a full exfiltration fr…
Logo
Dragonfly CO. LTD dragonflygame.com JP
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-07-07
Dragonfly is a South Korean video game developer and publisher based in Seoul. While a small company…
Logo
CILI LT
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-07-02
"cili.lt" is associated with Čili, a restaurant chain that operates in Lithuania and Latvia. It star…
Logo
CHABAA BANGKOK TH
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-07-22
Chabaa is the leading expert in fruit beverage production.700 GB of information, product formulas, f…
Logo
CK Power Public Company Limited TH
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2024-11-20
CK Power Public Company Limited, through its subsidiaries, generates and sells electricity and steam…
Logo
TANI & ABE JP
Blacknevas
Discovered: 2025-08-06 (9mo ago)  ·  Attack est.: 2025-07-27
TANI & ABE is a patent and trademark law firm established in 1977 and headquartered in Tokyo, Ja…