Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Osiris

| Active | RaaS

Osiris is a ransomware-as-a-service operation first observed in November 2025 that uses a Bring Your Own Vulnerable Driver (BYOVD) technique to disable endpoint detection tools before deploying hybrid ECC + AES-128-CTR encryption; Symantec researchers linked its operators to former INC ransomware affiliates.

Victims
3
 
First Discovered
2025-12-18
victim
Last Discovered
2026-03-23
victim
Inactive Since
51
days
Avg Delay
36
days
Infostealer
33.3%
victims with domain
Countries
3
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon Osiris No 2026-05-13T22:44:36 osirisbm3357xrccnid23nlyuqwzbgqheaei6dxvyi34tbkqr3bmvfid.onion
Target
Top 5 Activity Sectors
  • Technology 1
  • Manufacturing 1
  • Hospitality and Tourism 1
Top 5 Countries
  • IN flag India 1
  • US flag United States 1
  • PH flag Philippines 1
Heatmap
YARA Rules (1)
Victims (3)
Logo
Mantra Softech Pvt IN
Osiris
Discovered: 2026-03-23 (1mo ago)  ·  Attack est.: 2026-01-18
Mantra Softech India Pvt. Ltd., founded in 2006 and headquartered in Ahmedabad, is a leading global …
Logo
American Vanguard US
Osiris
Discovered: 2026-01-09 (4mo ago)
American Vanguard Corporation is a U.S.-based company specializing in agricultural chemicals, primar…
Logo
The Araneta Group PH
Osiris
Discovered: 2025-12-18 (4mo ago)  ·  Attack est.: 2025-12-10
The Araneta Group is a private, diversified conglomerate in the Philippines — active in property dev…