belimed.com

Discovered 2026-05-29 00:53 UTC
Est. attack date 2026-05-28
Country US

Description:

We are announcing the successful breach of the secure network of Belimed AG, a leading provider of sterilization equipment. Our team has gained full access to the digital assets of their finance department and has exfiltrated the entire dataset.

Data Volume: 1.5 Terabytes.

In our possession is the complete financial picture of Belimed AG. This isn't just tables or reports; it is the entire nervous system of their business, including:

* **SAP (SUP) Databases:** Full dumps containing all operational and financial information.
* **Accounting Records:** All transactions, entries, and financial operations spanning many years.
* **Client Contracts and Payments:** Detailed information on deals, pricing, and accounts receivable.
* **Employee Data:** Salaries, bonuses, and personal financial information.
* **Internal Audits and Strategic Planning:** Documents revealing their weaknesses, future plans, and trade secrets.
* **Tax Documentation and Banking Details:** All information necessary for a complete understanding of their financial flows.

The management of Belimed AG was given the opportunity to resolve this matter privately and without consequence. They chose silence, believing they could ignore us. This was a fatal mistake. By refusing to engage, they have jeopardized not only their own reputation but also the security of their clients, partners, and employees.

**This is not a threat. It is an announcement of a coming event.**

Exactly one month from the date of this post, the entire 1.5 TB data archive will be published for public access on this resource. Anyone—competitors, journalists, regulators—will be able to download and scrutinize the inner workings of Belimed AG.

To the management of Belimed AG: you have made your choice. Now you will serve as an example to all others. Enjoy the consequences. The clock is ticking.

Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 7

Third Party Employee Credentials: 7


External Attack Surface: 16


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operationsweb.com
MX Records
  • belimed-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • Sendinblue-code:7e1f711a16a2f94aa2fd95ec46e49f41
  • apple-domain-verification=gy1lkbHDnWXrb8RJ
  • ms-domain-verification=0fbf1051-a25a-4549-9928-c583d8919a1c
  • atlassian-domain-verification=xZExWX7eC5Nz4CgctHbWnXp7RihVl3rj4PIgHJzxojjkc12cadShiZ0Bj48kf75C
  • google-site-verification=9KbVfYs8BWBCAjzPm5EL5lbZZNgPLTzOLVWJTdoMaiE
  • v=spf1 a include:spf.protection.outlook.com include:relay.mailchannels.net include:amazonses.com include:spf.iway.ch include:spf.umantis.com include:spf.sendinblue.com include:_spf.salesforce.com ip4:62.159.39.58 ip4:74.223.107.35 ip4:84.92.231.201 ip4:85.222.243.170 ip4:89.143.12.138 ip4:91.113.213.100 ip4:93.94.66.190 ip4:109.2.157.62 ip4:165.166.85.164 ip4:193.33.128.192 ip4:193.192.192.17 ip4:93.94.67.217 ip4:212.4.72.142 ip4:212.13.235.98 ip4:212.243.26.18 ip4:212.68.122.73 ip4:213.200.219.102 ip4:213.221.203.36 ip4:213.221.218.116 ip4:213.221.218.113 ip4:217.11.45.171 ip4:93.94.66.108 ip4:62.204.100.146 ip4:141.195.94.34 ip4:141.195.94.35 ip4:141.195.94.36 ip4:141.195.94.37 ip4:141.195.94.38 ip4:141.195.94.39 ip4:141.195.94.40 ip4:141.195.94.41 ip4:141.195.94.42 ip4:141.195.94.43 ip4:141.195.94.44 ip4:141.195.94.45 ip4:141.195.94.46 ip4:117.50.59.174 -all
Cloud / SaaS Services Detected
Apple Atlassian Amazon SES/WorkMail Salesforce Sendinblue
