Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Blacknevas / Trial recovery

| Active

None

Victims
 

16

First Discovered
victim

2025-08-06

Last Discovered
victim

2025-09-11

Inactive Since
in days

12

Avg Delay
between attack and claim

62.9 days

Infostealer
for victim with domain

30.8%

View Victims on World Map

View group statistics

Known Locations (2)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Clist Yes 2025-09-23 03:01:36 NGINX nginx 1.27.4 ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion
favicon Clist Yes 2025-09-23 02:31:29 NGINX nginx 1.27.4 ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion
Target (Available)
Top 5 Activity Sectors
  • Technology 4
  • Manufacturing 3
  • Business Services 2
  • Energy 1
  • Hospitality and Tourism 1
Top 5 Countries
  • US flag United States 3
  • JP flag Japan 2
  • TH flag Thailand 2
  • GB flag United Kingdom 2
  • ES flag Spain 2
Heatmap (Available)
Ransom Notes (0)

No ransom notes available.

Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (28)
SHA256 28
Type IOC
sha256 23642a78addcffd124db133a2dd2fcd2d1bdb060dd1e41da33cb18eec7a88867
sha256 2b9fe8a2629727470be1c928f7c9be7e2ea6cc22fb12f971902bf9cea8b16afb
sha256 360758c296310ba428d0d52c90e31c05fc43d5889282fa840283cf468f2378e8
sha256 3d09e930305cb3aa4ca54a39b0e3749f083d432f202606c8adac8455014b47fc
sha256 43f145fccec00f1e100ec3377eaf0ab60df3b9c5291b8011e05141cc04704be1
sha256 49fcbd606ff10d4661e222b8910ab7829d1668e3c97f1bab7eb51e8ec7d799a5
sha256 501821a19ccf59830789849beff94238736adb4b213870a511890c5c8efab2a6
sha256 623f3e98908962669e48edd414dbb67e9d4e204f677998fdcc9c2d790816a67f
sha256 713392f009bc133f24b3271379a4ac147e1a7782b6a1ac957c1fda69d676b550
sha256 840b1c580bfd15ca3eb1cc94cf479f63b93285d2599bc2e3cd361e3f5a340f19
sha256 8a2d6d27ffcc66400a640d3c9c9e6becb90c04c5bab452cac56f999c48a04d63
sha256 910cc03d64bf09f53cdf3b83068cc46368c23a061c2e1ed5df0e3a35d6c9e084
sha256 95e744ddcc2e8f89f6c6e25503eff2eb5e70e98f6989bb4a4e93f17b09448e78
sha256 9d9c146910f294b3e2a755f76e8066cd2edfac057ff54f00f405e2f9e8b9e51a
sha256 9d9c146910f294b3e2a755f76e8066cd2edfac057ff54f00f405e2f9e8b9e51a
sha256 a0630e2a81775e8334ea9f8cac73cebf1b9a70507ea3347c0c2eba82c80219a6
sha256 a331504acf589be5d11202232a7a93eeb4fe6b053beea231d9a0a661bcaf3fd6
sha256 b0dfaf509de38749c49afcb3cd34d27126044bb77cc16896b02ebced6f95db02
sha256 b2353fce403b079735a606294c4ffc20a71f1c6b16ec15e94f554beafcddd1ea
sha256 bad3c2f72ef2be522a554a9615dc93027416a3d4048f77519fca5104fabba1f9
sha256 bf4adad2eb1163369c133ae61c181a3f91ef8640a457e9c4e72d77a60fbfa7ab
sha256 c08a752138a6f0b332dfec981f20ec414ad367b7384389e0c59466b8e10655ec
sha256 c0fc61631a20c373ce17e939e09cfb4f5179c9e0788e80079b4ee8986afe89bd
sha256 d953bce4d87f5837ce318481e3a1b6617cf64af976043d3b4b4866475bb31972
sha256 def75a41435dc28430097a7e116b2d17526ce2b0172995618f2749b0d732f7ea
sha256 e7706a633f24679c7550a31b96088dda8f772c98f64daee7cfbf0dc17a4a8338
sha256 eb8cbc4a0eae33bfdc4ecb99d033c81224b005e55588ceb86346f2b2d3fd790f
sha256 f25f76a85ded0d4d285d9ae5482d8fe07dade3e241853d00b17642d7873733e8
Victims (16)
Logo
CARTONAJES BERNABEU SAU www.cartonajesbernabeu.com serviced by IT company Verne Group www.... Blacknevas
Discovery Date: 2025-09-11
Estimated Attack Date: 2025-09-09
serviced by IT company Verne Group www.vernegroup.com (Cybersecurity and monitoring)CARTONAJES BERNA...
ES
Logo
OftalTech Solutions oftaltech.com Blacknevas
Discovery Date: 2025-09-06
OftalTech Solutions is a leading distributor of ophthalmic products, operating at both national and ...
US
Logo
SISTRAN Consultores Blacknevas
Discovery Date: 2025-09-01
538k files1.1TBlisting data https://gofile.io/d/r8a9GVThe company specializes in providing IT servic...
MX
Logo
TOYOTA ASIA TOYOTA INDIA Blacknevas
Discovery Date: 2025-08-28
Estimated Attack Date: 2025-08-21
Hello,I think your IT service hid from you information about the hacking of your corporate network a...
IN
Logo
Payme Ltd Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-24
Payme Ltd is a CIS payroll and contracting company with FCSA and professional passport accreditation...
GB
Logo
LEARN is a Regional Educational Service Center Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-21
LEARN is a Regional Educational Service Center working with and for its member districts to improve ...
US
Logo
CLEARSYNTH LABS LIMITED Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-08
In stock: 2153940 filedata size: 762GB Developments, formulas, research on medicinal products Person...
IN
Logo
PROMOSFERA S.r.l. promosfera.com Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-19
passports, employee and client documents, databases of promotional participants - hundreds of thousa...
IT
Logo
Cash and carry - COSAEN GRUP Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-30
Cash and carry - COSAEN GRUPProfessionals in the food sectorюCosaen Grup SA has wholesale and retail...
ES
Logo
KINAS SOLICITORS kinas.co.uk Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-06-09
In stock: 158930+ filedata size: 138+ GBClients' and companies' data. All accompanying documents for...
GB
Logo
Quality Data Service, Inc. Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-05-21
Today, we’re opening the auction.Over the past several weeks, we’ve completed a full exfiltration fr...
US
Logo
Dragonfly CO. LTD dragonflygame.com Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-07-07
Dragonfly is a South Korean video game developer and publisher based in Seoul. While a small company...
JP
Logo
CILI Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-07-02
"cili.lt" is associated with Čili, a restaurant chain that operates in Lithuania and Latvia. It star...
Logo
CHABAA BANGKOK Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-07-22
Chabaa is the leading expert in fruit beverage production.700 GB of information, product formulas, f...
TH
Logo
CK Power Public Company Limited Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2024-11-20
CK Power Public Company Limited, through its subsidiaries, generates and sells electricity and steam...
TH
Logo
TANI & ABE Blacknevas
Discovery Date: 2025-08-06
Estimated Attack Date: 2025-07-27
TANI & ABE is a patent and trademark law firm established in 1977 and headquartered in Tokyo, Ja...
JP