Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Ralord

| RaaS

RALord is a ransomware group identified in March 2025 operating within the NOVA RaaS platform, targeting healthcare, education, hospitality, and IT sectors across multiple continents, using a Rust-based payload with an 85/15 affiliate revenue split; it later rebranded as "Nova."

Victims
19
 
First Discovered
2025-03-26
victim
Last Discovered
2025-04-27
victim
Inactive Since
1yr
more than
Avg Delay
3.9
days
Infostealer
61.1%
victims with domain
Countries
12
hit
View Victims on World Map View Group Statistics
Known Locations (4)
Favicon Title Type Available Last Visit Server Info FQDN
favicon New upgrade for Brand No 2026-05-14T10:16:25 ralordqe33mpufkpsr6zkdatktlu3t2uei4ught3sitxgtzfmqmbsuyd.onion
favicon New upgrade for Brand No 2026-05-14T10:14:09 ralord3htj7v2dkavss2hjzviviwgsf4anfdnihn5qcjl6eb5if3cuqd.onion
favicon New upgrade for Brand Yes 2026-05-14T10:13:00 NGINX nginx ralordt7gywtkkkkq2suldao6mpibsb7cpjvdfezpzwgltyj2laiuuid.onion
favicon Nova Panel | Login No 2026-04-28T07:28:28 novazzitmugtbjwuttc5hhsemkmvwh3iyt27oeeunu5mkw62qpfeykid.onion
Target
Top 5 Activity Sectors
  • Manufacturing 4
  • Agriculture and Food Production 3
  • Education 3
  • Consumer Services 2
  • Hospitality and Tourism 2
Top 5 Countries
  • BR flag Brazil 3
  • ES flag Spain 3
  • SA flag Saudi Arabia 2
  • AR flag Argentina 2
  • FR flag France 2
Heatmap
Ransom Notes (1)
YARA Rules (1)
Indicators of Compromise (IoCs) (4)
Hash MD5 2 IP Address 1 tox 1
Type IOC
Hash MD5 4566f5ba6d1a1db0dd7794ea8d791b3f
Hash MD5 be15f62d14d1cbe2aecce8396f4c6289
IP Address 144.172.95.78
tox 0C8E5B45C57AE244E9C904C5BC74F73306937469D9CEA22541CA69AC162B8D42A20F4C0382AC
Victims (19)
Logo
DIALLOG company CA
Ralord
Discovered: 2025-04-27 (1y ago)
Diallog Telecommunications is a Canadian-owned and operated telecom company based in Toronto, establ…
Logo
HELUKABEL company DE
Ralord
Discovered: 2025-04-24 (1y ago)  ·  Attack est.: 2025-04-23
The website www.helukabel.de is the official online presence of HELUKABEL GmbH, a German-based globa…
Logo
rawafid company SA
Ralord
Discovered: 2025-04-23 (1y ago)
Established in 2008 and headquartered in Riyadh, Rawafid Industrial specializes in water infrastruct…
Logo
​​​​agromate company MY
Ralord
Discovered: 2025-04-22 (1y ago)
Agromate.com.my is the official website of Agromate Holdings Sdn Bhd, a leading Malaysian agricultur…
Logo
​​​​bettininformatica - suporteon company BR
Ralord
Discovered: 2025-04-19 (1y ago)  ·  Attack est.: 2025-04-16
​​​​​​​​BThe website bettininformatica.com.br belongs to Bettin Soluções em Informática, a technolog…
Logo
​​​​Bio-Clima Service IT
Ralord
Discovered: 2025-04-16 (1y ago)
​​​​​​​​Bio-Clima Service Srl, an Italian company based in Bernareggio, Lombardy, specializing in th…
Logo
ARRCO LSM NO
Ralord
Discovered: 2025-04-15 (1y ago)
ARRCO – Lights Sound Magic is a professional event technology company based in Hamar, Norway. They s…
Logo
NewHotel cloud company ES
Ralord
Discovered: 2025-04-15 (1y ago)
​​​​Newhotel Cloud is a comprehensive, cloud-based Property Management System (PMS) developed by New…
Logo
Al-Hejailan Group SA
Ralord
Discovered: 2025-04-14 (1y ago)
​​​​​​​​​​​Established in 1980, the Al-Hejailan Group began as an engineering and contracting firm a…
Logo
hasbco Company US
Ralord
Discovered: 2025-04-10 (1y ago)
​​​​​​​​​​​Hasbco is a company that operates in the Grocery Retail industry. It employs 5to9 people …
Logo
Tomio Ingeniería AR
Ralord
Discovered: 2025-03-31 (1y ago)  ·  Attack est.: 2025-03-22
​​Tomio Ingeniería S.A. is an Argentine company specializing in engineering and industrial services.…
Logo
Élan Sportif Nantes FR
Ralord
Discovered: 2025-03-31 (1y ago)  ·  Attack est.: 2025-03-25
​​​The domain ec-nantes.fr is associated with École Centrale de Nantes, which is a prestigious engin…
Logo
Ihara company BR
Ralord
Discovered: 2025-03-31 (1y ago)  ·  Attack est.: 2025-03-27
​​​​​IHARA is a Brazilian company specializing in the development and manufacturing of agricultural …
Logo
Pere Claver grup ES
Ralord
Discovered: 2025-03-31 (1y ago)  ·  Attack est.: 2025-03-28
​​​​​​​​Pere Claver Grup is a private, non-profit organization established in 1948 in Barcelona, Spa…
Logo
Formosa Chang TW
Ralord
Discovered: 2025-03-30 (1y ago)
​​​​​​​​​​​Formosa Chang is a well-known Taiwanese restaurant chain, primarily famous for its tradit…
Logo
pereclaver.org ES
Ralord
Discovered: 2025-03-28 (1y ago)
​​​​​​​​Pere Claver Grup is a private, non-profit organization established in 1948 in Barcelona, Spa…
Logo
ihara.com.br BR
Ralord
Discovered: 2025-03-27 (1y ago)
​​​​​IHARA is a Brazilian company specializing in the development and manufacturing of agricultural …
Logo
tomioingenieria.com.ar AR
Ralord
Discovered: 2025-03-26 (1y ago)  ·  Attack est.: 2025-03-22
​​Tomio Ingeniería S.A. is an Argentine company specializing in engineering and industrial services.…
Logo
ec-nantes.fr FR
Ralord
Discovered: 2025-03-26 (1y ago)  ·  Attack est.: 2025-03-25
​​​The domain ec-nantes.fr is associated with École Centrale de Nantes, which is a prestigious engin…