Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Devman / Devman 2.0

| Active | RaaS

Former RansomHub and INC Ransom affiliate.

Victims
 

177

First Discovered
victim

2025-04-06

Last Discovered
victim

2026-01-27

Inactive Since
in day

1

Avg Delay
between attack and claim

30.4 days

Infostealer
for victim with domain

21.4%

View Victims on World Map

View group statistics

Known Locations (3)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Devman's Place No 2025-07-16 03:00:28 qljmlmp4psnn3wqskkf3alqquatymo6hntficb4rhq5n76kuogcv7zyd.onion
favicon DEVMAN 2.0 - Leaked Data No 2025-10-29 08:30:31 wugurgyscp5rxpihef5vl6b6m5ont3b6sezhl7boboso2enib2k3q6qd.onion
favicon Devman Ransomware Yes 2026-01-28 09:01:23 NGINX nginx 1.18.0 devmanblggk7ddrtqj3tsocnayow3bwnozab2s4yhv4shpv6ueitjzid.onion
Target (Available)
Top 5 Activity Sectors
  • Technology 24
  • Healthcare 18
  • Public Sector 12
  • Construction 7
  • Agriculture and Food Production 6
Top 5 Countries
  • US flag United States 31
  • FR flag France 9
  • TW flag Taiwan, Province of China 7
  • SJ flag Svalbard and Jan Mayen 7
  • TH flag Thailand 6
Heatmap (Available)
Ransom Notes (1)
Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (11)
This information is provided by Crocodyli & Ransomware.live
Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Collection Exfiltration Impact
Exploitation of Remote Services PowerShell Valid Accounts Exploitation for Privilege Escalation Masquerading OS Credential Dumping Remote System Discovery SMB/Windows Admin Shares Data from Local System Exfiltration Over C2 Channel Data Encrypted for Impact
Valid Accounts Exploitation for Client Execution     Disable or Modify Tools   Network Service Scanning       Inhibit System Recovery
            System Information Discovery       Service Stop
                    Defacement
Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (5)
IP 3 TOX 1 TWITTER 1
Type IOC
ip 83.217.209.210
ip 38.132.122.213
ip 38.132.122.214
tox 9D97F166730F865F793E2EA07B173C742A6302879DE1B0BBB03817A5A04B572FBD82F984981D
twitter @Inifintyink
Victims (177)
Logo
twi-group.com Devman
Discovery Date: 2026-01-27
[AI generated] TWI Group is a specialized freight forwarder and logistics provider that primarily fo...
SJ
Logo
c*n**lta**i*.com Devman
Discovery Date: 2026-01-26
The data contains materials of national security including BIO laboratory facilities blue prints, an...
US
Logo
cs.at Devman
Discovery Date: 2026-01-26
Estimated Attack Date: 2026-01-25
Insurance data, Hr data, client data...
AT
Logo
**.at Devman
Discovery Date: 2026-01-25
N/A
AT
Logo
****cr*nem*ds.c*m Devman
Discovery Date: 2026-01-24
Patient data, medical cards clinic records...
SJ
Logo
***-gr*up.com Devman
Discovery Date: 2026-01-24
N/A
SJ
Logo
automax.com Devman
Discovery Date: 2026-01-21
Estimated Attack Date: 2026-01-20
[AI generated] AutoMax.com is a leading used car dealership group in the US. Known for its wide rang...
IN
Logo
Syrmasgs Devman
Discovery Date: 2026-01-21
Estimated Attack Date: 2026-01-20
[AI generated] N/A...
IN
Logo
***m*sic.fi Devman
Discovery Date: 2026-01-21
Estimated Attack Date: 2026-01-20
N/A
FI
Logo
www.****law.com Devman
Discovery Date: 2026-01-21
Estimated Attack Date: 2026-01-20
N/A
US
Logo
***om****s-***.com Devman
Discovery Date: 2026-01-21
N/A
US
Logo
www.mims.com Devman
Discovery Date: 2026-01-21
[AI generated] Mims.com is an online resource for medical professionals used mainly in Asia-Pacific ...
SN
Logo
www.saundersandsaunders.com Devman
Discovery Date: 2026-01-21
[AI generated] N/A...
US
Logo
Tvgoiania Devman
Discovery Date: 2026-01-20
[AI generated] Tvgoiania is a media and news company based in Goiânia, Brazil. It provides a platfor...
SJ
Logo
klhindustries.com Devman
Discovery Date: 2026-01-12
[AI generated] N/A...
US
Logo
pronaca.com Devman
Discovery Date: 2026-01-12
Financial, contracts HR data...
SJ
Logo
consigaz.com.br Devman
Discovery Date: 2026-01-12
Estimated Attack Date: 2026-01-11
[AI generated] Consigaz is a Brazilian company that specializes in the distribution of Liquefied Pet...
BR
Logo
sealbeachca.gov Devman
Discovery Date: 2026-01-12
Estimated Attack Date: 2026-01-11
Datatheft 300gb of data stollen includes gov documents, deeds and much more...
US
Logo
sealbeachpd.com Devman
Discovery Date: 2026-01-12
Estimated Attack Date: 2026-01-11
data theft, evidence, officers personal information police reports, DEA open cases information...
US
Logo
******m*di*al.com Devman
Discovery Date: 2026-01-12
Estimated Attack Date: 2026-01-11
Patients data, plastic operations data, SSNs...
US
Logo
****t*lc*a*tpm.com Devman
Discovery Date: 2026-01-12
Financial, patients data, HR data...
SJ
Logo
s***p.com Devman
Discovery Date: 2026-01-12
Case data, atourney client data, hr data...
SJ
Logo
Intonu.com Devman
Discovery Date: 2025-12-28
Estimated Attack Date: 2025-12-25
Financial, Hr documents, claims...
US
Logo
oppor**nity*****.org Devman
Discovery Date: 2025-12-28
Estimated Attack Date: 2025-12-27
Patients data, financial data...
US
Logo
Jennings SD Devman
Discovery Date: 2025-12-28
Estimated Attack Date: 2025-12-27
Financial data, HR data...
US
Logo
sharinc.org Devman
Discovery Date: 2025-12-28
Financial, Custommer data...
US
Logo
kavi.fi Devman
Discovery Date: 2025-12-25
HR data...
FI
Logo
i**o**.us Devman
Discovery Date: 2025-12-25
Financial, Hr documents, claims...
US
Logo
***ind***es.com Devman
Discovery Date: 2025-12-25
Hr data, client data...
US
Logo
Clínica Dávila Devman
Discovery Date: 2025-12-22
Estimated Attack Date: 2025-12-18
Patients' full records, HIV test results, IDs. Throughout a long waiting period, and despite a vast...
CL
Logo
k*v*.fi Devman
Discovery Date: 2025-12-22
HR data...
Logo
transrocamar.com Devman
Discovery Date: 2025-12-22
Estimated Attack Date: 2025-12-19
Financial, Client IDS...
ES
Logo
British Holiday & Home Parks Association Ltd Devman
Discovery Date: 2025-12-22
Passport scans, Financial...
UK
Logo
consult*****.c** Devman
Discovery Date: 2025-12-19
Financial, HR data...
US
Logo
*n**e-ai Devman
Discovery Date: 2025-12-19
SRC, Client data...
CN
Logo
****s*oc****.com Devman
Discovery Date: 2025-12-19
Financial, Client IDS...
ES
Logo
Culinary Jet Concierge Devman
Discovery Date: 2025-12-19
Estimated Attack Date: 2025-12-17
[AI generated] N/A...
FR
Logo
beausejourco-op.crs Devman
Discovery Date: 2025-12-18
Estimated Attack Date: 2025-12-16
Financial, HR...
CA
Logo
d*v***.cl Devman
Discovery Date: 2025-12-18
Patients full records, HIV tests results, ID's...
CL
Logo
Axion50plus Devman
Discovery Date: 2025-12-17
Estimated Attack Date: 2025-12-16
Financial, HR data, Client data...
CA
Logo
Jet ******** Devman
Discovery Date: 2025-12-17
N/A
FR
Logo
Productos Lácteos Flor de Aragua CA Devman
Discovery Date: 2025-12-16
Estimated Attack Date: 2025-12-10
HR data, clients data, Financial data...
VZ
Logo
a**o*50*****.org Devman
Discovery Date: 2025-12-16
Financial, HR data, Client data...
CA
Logo
b**u**jou***-**.crs Devman
Discovery Date: 2025-12-16
Financial, HR...
CA
Logo
DXS SYSTEMS Devman
Discovery Date: 2025-12-15
Estimated Attack Date: 2025-12-14
[AI generated] N/A...
UK
Logo
CANCER Devman
Discovery Date: 2025-12-14
Estimated Attack Date: 2025-12-11
Financial data, clients data...
BR
Logo
***-***tems.*** Devman
Discovery Date: 2025-12-14
N/A
UK
Logo
Quezon Power Devman
Discovery Date: 2025-12-12
Estimated Attack Date: 2025-12-10
Employee data, hr info, projects, Work logs of the power plants, Scada SRC...
PH
Logo
Hopital La Rabta Devman
Discovery Date: 2025-12-12
Estimated Attack Date: 2025-12-11
[AI generated] Hopital La Rabta is a major hospital located in Tunis, Tunisia. It provides a wide ar...
TN
Logo
Hopital ** ***** Devman
Discovery Date: 2025-12-11
N/A
TN
Logo
C*NC*R Devman
Discovery Date: 2025-12-11
Financial data, clients data...
BR
Logo
www.digital****.com Devman
Discovery Date: 2025-12-11
Data theft 80gb...
US
Logo
Village Santé Saint Joseph Hospital Devman
Discovery Date: 2025-12-09
Estimated Attack Date: 2025-12-06
patient data...
FR
Logo
fassic.org Devman
Discovery Date: 2025-12-09
Estimated Attack Date: 2025-12-06
Financial Records, Med cards, Hr documents...
FR
Logo
Inter care Devman
Discovery Date: 2025-12-09
Estimated Attack Date: 2025-12-08
Full quickbooks dump, patients data, and financial data...
US
Logo
solidere Devman
Discovery Date: 2025-12-07
Estimated Attack Date: 2025-12-06
[AI generated] Solidere, short for Société Libanaise de Développement et Reconstruction, is a Lebane...
LB
Logo
hopital-*********.com Devman
Discovery Date: 2025-12-07
Estimated Attack Date: 2025-12-06
Financial data, medical records...
FR
Logo
f***i*.o*g Devman
Discovery Date: 2025-12-07
Estimated Attack Date: 2025-12-06
Financial Records, Med cards, Hr documents...
FR
Logo
arko.no Devman
Discovery Date: 2025-12-07
Estimated Attack Date: 2025-12-06
Datatheft Client DB...
NO
Logo
S**** Saint ****** Devman
Discovery Date: 2025-12-07
Estimated Attack Date: 2025-12-06
Financial data, medical cards...
FR
Logo
cpasch.com Devman
Discovery Date: 2025-12-03
Ransom: 200gb 150k...
Logo
n*w*****.com Devman
Discovery Date: 2025-12-02
Ransom: 200gb 220k...
Logo
ravand.com Devman
Discovery Date: 2025-12-02
Ransom: 75k 50gb...
CA
Logo
Abdulhadi Hospital Devman
Discovery Date: 2025-12-01
Ransom: ecaretest.com 350k 246gb...
Logo
newhorizonsmedical.org Devman
Discovery Date: 2025-12-01
Estimated Attack Date: 2023-06-07
Ransom: 90k 236gb...
US
Logo
www.eastersealsnei.org Devman
Discovery Date: 2025-12-01
Ransom: 550k 280gb...
Logo
m*tt**ca**r**.**.it Devman
Discovery Date: 2025-12-01
Ransom: 75k 50gb...
Logo
c*a*c*.c*m Devman
Discovery Date: 2025-12-01
Ransom: 200gb 150k...
Logo
a*f*o.us Devman
Discovery Date: 2025-12-01
Ransom: 250k 200gb...
Logo
gsccca.org Devman
Discovery Date: 2025-11-21
Ransom: 500gb 400k...
US
Logo
procure.com Devman
Discovery Date: 2025-11-21
Ransom: data theft 40gb 120K...
US
Logo
future.com.bo Devman
Discovery Date: 2025-11-19
Ransom: 200k 120gb...
BO
Logo
MCC Devman
Discovery Date: 2025-11-19
Ransom: 200k 80gb...
US
Logo
f*t*r*.com.** Devman
Discovery Date: 2025-11-17
Ransom: 300k 120gb...
Logo
****clinic.com.** Devman
Discovery Date: 2025-11-17
Ransom: 210k 145gb...
Logo
ctfc.cat Devman
Discovery Date: 2025-11-12
Ransom: 248000 30gb of files exfiltrated...
ES
Logo
omniumint Devman
Discovery Date: 2025-11-11
Ransom: 1.2million 1.2 tb and one very interesting email...
US
Logo
www.oucru.org Devman
Discovery Date: 2025-11-05
Ransom: 500k 120gb...
VN
Logo
www.heitech.com.my Devman
Discovery Date: 2025-11-04
Ransom: 500k 60gb...
MY
Logo
m*c*e*ic*l.com Devman
Discovery Date: 2025-11-01
Ransom: 50gb 100k...
Logo
o*c*u.o** Devman
Discovery Date: 2025-11-01
Ransom: 500k 120gb...
Logo
juntalocal.cdmx.gob.mx Devman
Discovery Date: 2025-11-01
Ransom: 60gb 300k...
MX
Logo
h*tel*ys*e*s.pl Devman
Discovery Date: 2025-10-28
Ransom: data theft 400k...
Logo
fhw.org Devman
Discovery Date: 2025-10-28
Ransom: 700k 120gb...
Logo
h*i**c*.c*m.my Devman
Discovery Date: 2025-10-28
Ransom: 500k 60gb...
Logo
r*p**fl*wa*ps.com Devman
Discovery Date: 2025-10-28
Ransom: oracle theft 200k...
Logo
g*e*g*o**l.com Devman
Discovery Date: 2025-10-28
Ransom: oracle theft 400k...
Logo
pharmaciedesalize.com.fr Devman
Discovery Date: 2025-10-17
Ransom: 50k 80gb...
FR
Logo
www.o****m*nt.com Devman
Discovery Date: 2025-10-16
Ransom: 1400000 USD...
Logo
EMBASY OF BOLIVIA DC Devman
Discovery Date: 2025-10-15
Ransom: 200k 400gb...
BO
Logo
regionalurology.com Devman
Discovery Date: 2025-10-15
Ransom: 200k 300gb...
US
Logo
****** embassy D.C Devman
Discovery Date: 2025-10-14
Ransom: 200000 USD...
Logo
r******urology.com Devman
Discovery Date: 2025-10-10
Ransom: 250k 300gb...
Logo
forestry.gov.jm Devman
Discovery Date: 2025-10-10
Ransom: 200000 USD...
JM
Logo
naturmaelk Devman
Discovery Date: 2025-10-06
Ransom: 550000 USD...
DK
Logo
teeuwissen.com Devman
Discovery Date: 2025-10-03
Ransom: 370k 80gb...
NL
Logo
www.hameshakem.co.il Devman
Discovery Date: 2025-10-03
Ransom: 6kk 400gb exfiltrated...
IL
Logo
www.profimetrics.com Devman
Discovery Date: 2025-10-01
Ransom: 50000 USD...
PT
Logo
e***.o*g Devman
Discovery Date: 2025-10-01
Ransom: 50000 USD...
Logo
t*t*a**o**.com Devman
Discovery Date: 2025-10-01
Ransom: 500000 USD...
Logo
a**h*y*in*er**t**nal.c*m Devman
Discovery Date: 2025-10-01
Ransom: 150000 USD...
Logo
wrapex Devman
Discovery Date: 2025-09-30
Ransom: 780000 USD...
CA
Logo
braswellsvc Devman
Discovery Date: 2025-09-29
Ransom: 120000 USD | Note: 300gb exfiltrated...
US
Logo
busaba Devman
Discovery Date: 2025-09-29
Ransom: 580000 USD...
GB
Logo
chicagobotanic Devman
Discovery Date: 2025-09-29
Ransom: 590000 USD...
US
Logo
r3consulting Devman
Discovery Date: 2025-09-29
Ransom: 350000 USD | Note: 400gb stollen...
US
Logo
ncgllc.com Devman
Discovery Date: 2025-09-29
Ransom: 100000 USD...
US
Logo
n**u***e**.dk Devman
Discovery Date: 2025-09-29
Ransom: 590000 USD...
Logo
sacada.org Devman
Discovery Date: 2025-09-29
Ransom: 100000 USD...
Logo
promisedland.com.tw/h21 million USD...Time Remaining:---BUY Files Devman
Discovery Date: 2025-09-15
1000000 USD...
TW
Logo
www.shimaogroup.com Devman
Discovery Date: 2025-09-15
91000000 USD...
CN
Logo
www.p***e*u**h***.us Devman
Discovery Date: 2025-09-15
1700000 USD...
US
Logo
www.s*i***gr*u*.com Devman
Discovery Date: 2025-09-06
91000000 USD...
Logo
promisedland.com.tw Devman
Discovery Date: 2025-09-03
1000000 USD...
TW
Logo
www.pure-chemical.com Devman
Discovery Date: 2025-09-03
5000000 USD...
IN
Logo
ruff.com.br Devman
Discovery Date: 2025-08-04
1000000 USD...
BR
Logo
diethelmtravel Devman
Discovery Date: 2025-08-04
1800000 USD...
TH
Logo
kw****.tw Devman
Discovery Date: 2025-08-01
1000000 USD...
TW
Logo
pr*****.tw Devman
Discovery Date: 2025-08-01
1050000 USD...
TW
Logo
b*u*l*****.tw Devman
Discovery Date: 2025-08-01
1100000 USD...
TW
Logo
***.c*m.tw Devman
Discovery Date: 2025-08-01
6000000 USD...
TW
Logo
pt.elis.com Devman
Discovery Date: 2025-07-20
4000000 USD...
PT
Logo
pt.e*i*.com Devman
Discovery Date: 2025-07-18
4000000 USD...
Logo
mol.go.th Devman
Discovery Date: 2025-07-17
15000000 USD...
TH
Logo
eehc.gov.eg Devman
Discovery Date: 2025-07-15
2270000 USD...
EG
Logo
www.e***.gov.eg Devman
Discovery Date: 2025-07-13
2270000 USD...
Logo
sol*d*r*.com Devman
Discovery Date: 2025-07-12
7250000 USD...
Logo
Hong Kong Victim Devman
Discovery Date: 2025-07-05
(To be disclosed)......
HK
Logo
China Harbour Engineering Company Devman
Discovery Date: 2025-07-05
450000 USD...
CN
Logo
TBD HONG KONG Devman
Discovery Date: 2025-07-05
TBD......
HK
Logo
c****gl*b*.com Devman
Discovery Date: 2025-07-05
1000000 USD...
Logo
takachiho.co.jp Devman
Discovery Date: 2025-07-05
1000000 USD...
JP
Logo
elematec Devman
Discovery Date: 2025-07-05
10000000 USD...
JP
Logo
gotec Devman
Discovery Date: 2025-07-05
6450000 USD...
CH
Logo
DHL THAILAND Devman
Discovery Date: 2025-06-02
TBD...
TH
Logo
lantro.com Devman
Discovery Date: 2025-05-31
1.1 million USD...
JP
Logo
dmbarone.com Devman
Discovery Date: 2025-05-26
130k USD...
US
Logo
Gobierno del Estado de Colima Devman
Discovery Date: 2025-05-26
TBD...
MX
Logo
www.nijar.es Devman
Discovery Date: 2025-05-25
TBD...
ES
Logo
www.paragonradiology.com Devman
Discovery Date: 2025-05-23
200k USD...
US
Logo
netstar Devman
Discovery Date: 2025-05-23
1.2 million USD...
ZA
Logo
NSSF KENYA Devman
Discovery Date: 2025-05-19
4.5 million USD...
KE
Logo
TBD KOREA Devman
Discovery Date: 2025-05-19
TBD...
KR
Logo
TBD HONK KONG Devman
Discovery Date: 2025-05-19
TBD...
HK
Logo
TBD GREECE Devman
Discovery Date: 2025-05-19
TBD...
GR
Logo
TOHO-CO Devman
Discovery Date: 2025-05-19
120k...
JP
Logo
TBD KENYA Devman
Discovery Date: 2025-05-19
TBD...
KE
Logo
piriou Devman
Discovery Date: 2025-05-19
383K USD...
VN
Logo
tvgoiania.com.br Devman
Discovery Date: 2025-05-11
80K USD...
BR
Logo
Pienaar Brothers Devman
Discovery Date: 2025-05-10
590K USD...
ZA
Logo
Victim from Japan Devman
Discovery Date: 2025-05-10
TBD...
JP
Logo
DAILY NEWS THAILAND Devman
Discovery Date: 2025-05-09
375K USD...
TH
Logo
GMA NETWORK Devman
Discovery Date: 2025-05-07
2.5 million USD...
PH
Logo
pestbusters Devman
Discovery Date: 2025-05-05
100K USD...
SG
Logo
smvthailand.com Devman
Discovery Date: 2025-05-02
375K USD...
TH
Logo
Chinese Healthcare Organisation Devman
Discovery Date: 2025-05-01
TBD...
CN
Logo
Singapour Factory Devman
Discovery Date: 2025-05-01
TBD...
SG
Logo
South African IT firm Devman
Discovery Date: 2025-05-01
TBD...
ZA
Logo
South African Hr company Devman
Discovery Date: 2025-05-01
TBD...
ZA
Logo
dovesit.co.za Devman
Discovery Date: 2025-05-01
550k USD...
ZA
Logo
EU victim Devman
Discovery Date: 2025-04-25
(To be discoled)...
Logo
China Harbour Engeneiring Company Devman
Discovery Date: 2025-04-24
450k USD...
CN
Logo
Premier Meats South Africa Devman
Discovery Date: 2025-04-20
(90k USD)...
ZA
Logo
Feel Four Devman
Discovery Date: 2025-04-20
60k USD...
Logo
Singapour Victim Devman
Discovery Date: 2025-04-20
(To be discoled)...
SG
Logo
Honk Kong Victim Devman
Discovery Date: 2025-04-20
(To be discoled)...
HK
Logo
China Harbour Engeneiring Company Devman
Discovery Date: 2025-04-20
450k USD...
CN
Logo
FEELFOUR Devman
Discovery Date: 2025-04-13
70k USD...
SG
Logo
Med institute Devman
Discovery Date: 2025-04-13
Price -Soon...
Logo
Bangkok Electronics Co., Ltd Devman
Discovery Date: 2025-04-13
200k USD...
TH
Logo
Tawasol Devman
Discovery Date: 2025-04-13
150k USD...
EG
Logo
Texas Construction Firm Devman
Discovery Date: 2025-04-13
Amount TBD...
US
Logo
Optimax Technology Devman
Discovery Date: 2025-04-13
590k USD...
Logo
Dubai Company Devman
Discovery Date: 2025-04-06
Different Locker...
AE
Logo
Texas Construction Firm Devman
Discovery Date: 2025-04-06
Name disclosed soon...
Logo
Optimax Technology Devman
Discovery Date: 2025-04-06
Pending...
TW
Logo
doumen.fr Devman
Discovery Date: 2025-04-06
Estimated Attack Date: 2025-03-22
Still in negotiation...
FR