Ransomware Group intelligence

Malas

Inactive

Track Malas with 170 published victims and 1 known leak locations in a single intelligence view.

Victims 170 Known published victims in this dataset

First discovered 2023-04-09 Earliest victim discovery date

Last discovered 2023-05-18 Latest victim discovery date

Inactive since 1073 days Days since the latest known victim

Top country Russian Federation 4 victims

Known locations 1 Leak or negotiation infrastructure tracked

Malas is tracked by Breach House as a ransomware group with 170 published victims.

Russian Federation is currently the most targeted country in this dataset.

1 known leak locations are currently associated with this group.

Top Countries

Distribution

Label	Type	Availability	Links
Leak location 1	Onion service	Unknown	`malas2urovbyyavjzaezkt5ohljvyd5lt7vv7mnsgbf2y4bwlh72doqd.onion`

No sector intelligence available.

Ransom Notes (0)

▼

No ransom notes available for this group.

Tools Used

▼

No tools used available.

YARA Rules (0)

▼

No YARA rules available.

Indicators of Compromise (0)

▼

No IoCs available for this group.

Negotiation Chats (0)

▼

No negotiation chats available.

No external research sources linked yet.

Victims (170)

Search, filter and paginate the victim timeline for Malas.

Type	Target	Discovered	Country	Business Category
Ransomware	Fort Rolins Collection Agency id6461 View details	2023-05-18	Indonesia	Communication / Marketing
<p>They act like they don&rsquo;t see🙈 our ransom note🗒 , or they just don&rsquo;t negotiate🤝with cyberterrorists💣. They restore their backups and think ignoring us🙉 makes us go away. So now we also restore their backups, for all of you.</p> <p>Harita Group is dedicated to mining, logging rainforests🐒😭 to plant palm oil monocultures, coal, and anything else that&rsquo;ll make them a profit through destroying their countries&rsquo; environment. Their Swiss🇨🇭🇭 partner Glencore is well documented for it&rsquo;s human rights and environmental abuses in Latin America, including hiring paramilitary killers to drive indigenous off their lands so they can steal it. We think it&rsquo;s likely they operate the same in Indonesia and journalists will like to look through their emails ID 6461
Ransomware	Compañía Agricola San Felipe id6460 View details	2023-05-18		Agriculture / Food
<p>Your work is collecting and repossessing from struggling people? Don&rsquo;t complain when we come to repossess your own files ID 6460
Ransomware	Banco Azzoaglio id3 View details	2023-04-09	Italy	Finance / Legal / Insurance
using Zimbra vulnerability ID 3
Ransomware	Ларина id4 View details	2023-04-09		Other
using Zimbra vulnerability ID 4
Ransomware	Utair id5 View details	2023-04-09	Russian Federation	Other
using Zimbra vulnerability ID 5
Ransomware	The Sound Organisation id6 View details	2023-04-09		Other
using Zimbra vulnerability ID 6
Ransomware	Angle Metal Mfg. id7 View details	2023-04-09		Manufacturing / Engineering
using Zimbra vulnerability ID 7
Ransomware	Красный Восток Агро id8 View details	2023-04-09		Other
using Zimbra vulnerability ID 8
Ransomware	Petromiralles id9 View details	2023-04-09		Other
using Zimbra vulnerability ID 9
Ransomware	nanoCAD id10 View details	2023-04-09		Other
using Zimbra vulnerability ID 10
Ransomware	Baggio id11 View details	2023-04-09		Other
using Zimbra vulnerability ID 11
Ransomware	ЖБИ2-Инвест id12 View details	2023-04-09		Other
using Zimbra vulnerability ID 12
Ransomware	Город Кафе id13 View details	2023-04-09		Other
using Zimbra vulnerability ID 13
Ransomware	Diete-Siepmann id14 View details	2023-04-09		Other
using Zimbra vulnerability ID 14
Ransomware	Fitser id15 View details	2023-04-09		Other
using Zimbra vulnerability ID 15
Ransomware	MHWEB id16 View details	2023-04-09		Other
using Zimbra vulnerability ID 16
Ransomware	Pergler id17 View details	2023-04-09		Other
using Zimbra vulnerability ID 17
Ransomware	Имеди id18 View details	2023-04-09		Other
using Zimbra vulnerability ID 18
Ransomware	Altia id19 View details	2023-04-09		Other
using Zimbra vulnerability ID 19
Ransomware	Евроэкспо id20 View details	2023-04-09		Other
using Zimbra vulnerability ID 20
Ransomware	Aster Cucine id21 View details	2023-04-09		Other
using Zimbra vulnerability ID 21
Ransomware	KondorCS id22 View details	2023-04-09		Other
using Zimbra vulnerability ID 22
Ransomware	ФГУП “ЦНИИХМ” id23 View details	2023-04-09		Other
using Zimbra vulnerability ID 23
Ransomware	Custom Manufacturing & Engineering, Inc id24 View details	2023-04-09		Manufacturing / Engineering
using Zimbra vulnerability ID 24
Ransomware	Копчёнов id25 View details	2023-04-09		Other
using Zimbra vulnerability ID 25
Ransomware	ArCloud id26 View details	2023-04-09		IT
using Zimbra vulnerability ID 26
Ransomware	Гласс Фурнитура id27 View details	2023-04-09		Other
using Zimbra vulnerability ID 27
Ransomware	LunarWeb id28 View details	2023-04-09		Other
using Zimbra vulnerability ID 28
Ransomware	Oasis Ads Media id29 View details	2023-04-09		Communication / Marketing
using Zimbra vulnerability ID 29
Ransomware	Azzurra Group id30 View details	2023-04-09		Services
using Zimbra vulnerability ID 30
Ransomware	ConnectTo id31 View details	2023-04-09		Other
using Zimbra vulnerability ID 31
Ransomware	Сервиста id32 View details	2023-04-09		Other
using Zimbra vulnerability ID 32
Ransomware	Amersport id33 View details	2023-04-09		Other
using Zimbra vulnerability ID 33
Ransomware	Studio Negri e Associati id34 View details	2023-04-09		Other
using Zimbra vulnerability ID 34
Ransomware	Hoteles Globales id35 View details	2023-04-09		Hospitality / Food & Beverage / Tourism
using Zimbra vulnerability ID 35
Ransomware	HostingPerTe id36 View details	2023-04-09		Other
using Zimbra vulnerability ID 36
Ransomware	Sita Software id37 View details	2023-04-09		IT
using Zimbra vulnerability ID 37
Ransomware	Exset id38 View details	2023-04-09		Other
using Zimbra vulnerability ID 38
Ransomware	Fraport Skyliners id39 View details	2023-04-09		Other
using Zimbra vulnerability ID 39
Ransomware	D&G impianti elettrici id40 View details	2023-04-09		Other
using Zimbra vulnerability ID 40
Ransomware	RepcoLite id41 View details	2023-04-09		Other
using Zimbra vulnerability ID 41
Ransomware	Sallemi Carburanti id42 View details	2023-04-09		Other
using Zimbra vulnerability ID 42
Ransomware	BEI Srl id43 View details	2023-04-09		Other
using Zimbra vulnerability ID 43
Ransomware	Bicom id44 View details	2023-04-09		Other
using Zimbra vulnerability ID 44
Ransomware	Transitus Group id45 View details	2023-04-09		Services
using Zimbra vulnerability ID 45
Ransomware	spw.ru id46 View details	2023-04-09	Russian Federation	Other
using Zimbra vulnerability ID 46
Ransomware	Mappy Italia id47 View details	2023-04-09		Other
using Zimbra vulnerability ID 47
Ransomware	cashbackAPP id48 View details	2023-04-09		Other
using Zimbra vulnerability ID 48
Ransomware	Bleu Blanc id49 View details	2023-04-09		Other
using Zimbra vulnerability ID 49
Ransomware	KriaaNet Inc id50 View details	2023-04-09		Services
using Zimbra vulnerability ID 50
Ransomware	Hardman’s id51 View details	2023-04-09		Other
using Zimbra vulnerability ID 51
Ransomware	Ямалтелеком id52 View details	2023-04-09		Other
using Zimbra vulnerability ID 52
Ransomware	Baur Hausverwaltung id53 View details	2023-04-09		Other
using Zimbra vulnerability ID 53
Ransomware	Grupo Fatecsa id54 View details	2023-04-09		Other
using Zimbra vulnerability ID 54
Ransomware	InfinCE id55 View details	2023-04-09		Services
using Zimbra vulnerability ID 55
Ransomware	SkyFORS id56 View details	2023-04-09		Other
using Zimbra vulnerability ID 56
Ransomware	Balbi Srl id57 View details	2023-04-09		Other
using Zimbra vulnerability ID 57
Ransomware	Steelgroup id58 View details	2023-04-09		Manufacturing / Engineering
using Zimbra vulnerability ID 58
Ransomware	СКППК id59 View details	2023-04-09		Other
using Zimbra vulnerability ID 59
Ransomware	DSSL id60 View details	2023-04-09		Other
using Zimbra vulnerability ID 60
Ransomware	Kouros id61 View details	2023-04-09		Other
using Zimbra vulnerability ID 61
Ransomware	Johnston Technical Services id62 View details	2023-04-09		IT
using Zimbra vulnerability ID 62
Ransomware	BE.iT SA id63 View details	2023-04-09		Other
using Zimbra vulnerability ID 63
Ransomware	Horseman Sim id64 View details	2023-04-09		Other
using Zimbra vulnerability ID 64
Ransomware	Zite Media id65 View details	2023-04-09		Communication / Marketing
using Zimbra vulnerability ID 65
Ransomware	Трансбалт id66 View details	2023-04-09		Other
using Zimbra vulnerability ID 66
Ransomware	Формекс id67 View details	2023-04-09		Other
using Zimbra vulnerability ID 67
Ransomware	Pasquetti Sarti & Partners id68 View details	2023-04-09		Other
using Zimbra vulnerability ID 68
Ransomware	Herold Druck id69 View details	2023-04-09		Other
using Zimbra vulnerability ID 69
Ransomware	paulmitchell.ru id70 View details	2023-04-09	Russian Federation	Other
using Zimbra vulnerability ID 70
Ransomware	Nu-Pro Group id71 View details	2023-04-09	United Kingdom	Communication / Marketing
using Zimbra vulnerability ID 71
Ransomware	Studio Eco Perucca id72 View details	2023-04-09		Other
using Zimbra vulnerability ID 72
Ransomware	Axon Certified Auditors id73 View details	2023-04-09		Finance / Legal / Insurance
using Zimbra vulnerability ID 73
Ransomware	Studio Rossetti e Partners id74 View details	2023-04-09		Other
using Zimbra vulnerability ID 74
Ransomware	Riboli srl id75 View details	2023-04-09		Other
using Zimbra vulnerability ID 75
Ransomware	meta-spb id76 View details	2023-04-09		Other
using Zimbra vulnerability ID 76
Ransomware	Studio Consulenza id77 View details	2023-04-09		Other
using Zimbra vulnerability ID 77
Ransomware	3Punto6 id78 View details	2023-04-09		Other
using Zimbra vulnerability ID 78
Ransomware	Gallagher & Co Consultants id79 View details	2023-04-09		Other
using Zimbra vulnerability ID 79
Ransomware	Evropoly id80 View details	2023-04-09		Other
using Zimbra vulnerability ID 80
Ransomware	Псковпассажиравтотранс id81 View details	2023-04-09		Other
using Zimbra vulnerability ID 81
Ransomware	Cosmos Hotel Group id82 View details	2023-04-09		Hospitality / Food & Beverage / Tourism
using Zimbra vulnerability ID 82
Ransomware	ICT-LabS id83 View details	2023-04-09		Other
using Zimbra vulnerability ID 83
Ransomware	Mobalpa Biarritz id84 View details	2023-04-09		Other
using Zimbra vulnerability ID 84
Ransomware	FEA srl id85 View details	2023-04-09		Other
using Zimbra vulnerability ID 85
Ransomware	Grassi srl id86 View details	2023-04-09		Other
using Zimbra vulnerability ID 86
Ransomware	Tycoon Group id87 View details	2023-04-09		Services
using Zimbra vulnerability ID 87
Ransomware	Fresh-Heads IT id88 View details	2023-04-09		Other
using Zimbra vulnerability ID 88
Ransomware	Vegliolux id89 View details	2023-04-09		Other
using Zimbra vulnerability ID 89
Ransomware	AVM Software & Technology id90 View details	2023-04-09		IT
using Zimbra vulnerability ID 90
Ransomware	ТрансКом-Авиа id91 View details	2023-04-09		Other
using Zimbra vulnerability ID 91
Ransomware	Specialinsert id92 View details	2023-04-09		Other
using Zimbra vulnerability ID 92
Ransomware	Totality Solutions id93 View details	2023-04-09		Services
using Zimbra vulnerability ID 93
Ransomware	СК БлагоДать id94 View details	2023-04-09		Other
using Zimbra vulnerability ID 94
Ransomware	Астра id95 View details	2023-04-09		Other
using Zimbra vulnerability ID 95
Ransomware	Универсалресурс id96 View details	2023-04-09		Other
using Zimbra vulnerability ID 96
Ransomware	TCG id97 View details	2023-04-09		Other
using Zimbra vulnerability ID 97
Ransomware	PMP Meccanica id98 View details	2023-04-09		Other
using Zimbra vulnerability ID 98
Ransomware	Axon id99 View details	2023-04-09		Other
using Zimbra vulnerability ID 99
Ransomware	OPIT Solutions id100 View details	2023-04-09		Services
using Zimbra vulnerability ID 100
Ransomware	ISONA GmbH id101 View details	2023-04-09		Other
using Zimbra vulnerability ID 101
Ransomware	Терра-Минора id102 View details	2023-04-09		Other
using Zimbra vulnerability ID 102
Ransomware	Азимут НТ id103 View details	2023-04-09		Other
using Zimbra vulnerability ID 103
Ransomware	BenarIT id104 View details	2023-04-09		Other
using Zimbra vulnerability ID 104
Ransomware	Asanger Modellbau id105 View details	2023-04-09		Other
using Zimbra vulnerability ID 105
Ransomware	Iris Key Solutions id106 View details	2023-04-09		Services
using Zimbra vulnerability ID 106
Ransomware	Невский Альянс id107 View details	2023-04-09		Other
using Zimbra vulnerability ID 107
Ransomware	NTD SA id108 View details	2023-04-09		Other
using Zimbra vulnerability ID 108
Ransomware	ATE Elettronica id109 View details	2023-04-09		Other
using Zimbra vulnerability ID 109
Ransomware	Answerpro id110 View details	2023-04-09		Communication / Marketing
using Zimbra vulnerability ID 110
Ransomware	Onubo s.r.l. id111 View details	2023-04-09		Other
using Zimbra vulnerability ID 111
Ransomware	Гис Нефтесервис id112 View details	2023-04-09		Other
using Zimbra vulnerability ID 112
Ransomware	Commerciale Ferramenta id113 View details	2023-04-09		Other
using Zimbra vulnerability ID 113
Ransomware	KomGarant id114 View details	2023-04-09		Other
using Zimbra vulnerability ID 114
Ransomware	Froese & Partner id115 View details	2023-04-09		Other
using Zimbra vulnerability ID 115
Ransomware	BMW Алдис id116 View details	2023-04-09		Other
using Zimbra vulnerability ID 116
Ransomware	ВК Логистик id117 View details	2023-04-09		Other
using Zimbra vulnerability ID 117
Ransomware	SBG Global id118 View details	2023-04-09		Services
using Zimbra vulnerability ID 118
Ransomware	Winner Italia id119 View details	2023-04-09		Other
using Zimbra vulnerability ID 119
Ransomware	SA.FI id120 View details	2023-04-09	Finland	Other
using Zimbra vulnerability ID 120
Ransomware	Rivas Boquete SL id121 View details	2023-04-09		Other
using Zimbra vulnerability ID 121
Ransomware	TitanPower id122 View details	2023-04-09		Energy
using Zimbra vulnerability ID 122
Ransomware	Qball Technologies id123 View details	2023-04-09		IT
using Zimbra vulnerability ID 123
Ransomware	Villa Grazioli id124 View details	2023-04-09		Other
using Zimbra vulnerability ID 124
Ransomware	Accurate Section Benders id125 View details	2023-04-09		Other
using Zimbra vulnerability ID 125
Ransomware	INFINREAL Immobilien GmbH id126 View details	2023-04-09		Other
using Zimbra vulnerability ID 126
Ransomware	Evology Manufacturing id127 View details	2023-04-09		Manufacturing / Engineering
using Zimbra vulnerability ID 127
Ransomware	Omniglobe Business Solutions id128 View details	2023-04-09		Services
using Zimbra vulnerability ID 128
Ransomware	happy-snack.ru id129 View details	2023-04-09	Russian Federation	Other
using Zimbra vulnerability ID 129
Ransomware	Loeje Trust SA id130 View details	2023-04-09		Other
using Zimbra vulnerability ID 130
Ransomware	Legato id131 View details	2023-04-09		Other
using Zimbra vulnerability ID 131
Ransomware	Boarding Concept id132 View details	2023-04-09		Other
using Zimbra vulnerability ID 132
Ransomware	NEXT OS id133 View details	2023-04-09		Other
using Zimbra vulnerability ID 133
Ransomware	International Cargo Equipment id134 View details	2023-04-09		Transportation / Travel / Logistics
using Zimbra vulnerability ID 134
Ransomware	NTA srl id135 View details	2023-04-09		Other
using Zimbra vulnerability ID 135
Ransomware	Altarix id136 View details	2023-04-09		Other
using Zimbra vulnerability ID 136
Ransomware	Confindustria Energia id137 View details	2023-04-09	Italy	Other
using Zimbra vulnerability ID 137
Ransomware	TBIT Services id138 View details	2023-04-09		Services
using Zimbra vulnerability ID 138
Ransomware	JvG Consulting id139 View details	2023-04-09		Services
using Zimbra vulnerability ID 139
Ransomware	FinRe Consulting id140 View details	2023-04-09		Services
using Zimbra vulnerability ID 140
Ransomware	RusExport Ltd id141 View details	2023-04-09		Services
using Zimbra vulnerability ID 141
Ransomware	Next Generation Srl id142 View details	2023-04-09		Other
using Zimbra vulnerability ID 142
Ransomware	Wishmaster id143 View details	2023-04-09		Other
using Zimbra vulnerability ID 143
Ransomware	Business Travel Solutions id144 View details	2023-04-09		Services
using Zimbra vulnerability ID 144
Ransomware	Гудвин-Нева id145 View details	2023-04-09		Other
using Zimbra vulnerability ID 145
Ransomware	Etanova id146 View details	2023-04-09		Other
using Zimbra vulnerability ID 146
Ransomware	Studio Papa id147 View details	2023-04-09		Other
using Zimbra vulnerability ID 147
Ransomware	reg22 id148 View details	2023-04-09		Other
using Zimbra vulnerability ID 148
Ransomware	Hotel Smeraldo id149 View details	2023-04-09		Hospitality / Food & Beverage / Tourism
using Zimbra vulnerability ID 149
Ransomware	Chiltern Networks id150 View details	2023-04-09		Telecommunications
using Zimbra vulnerability ID 150
Ransomware	radiosvet id151 View details	2023-04-09		Other
using Zimbra vulnerability ID 151
Ransomware	Wpat id152 View details	2023-04-09		Other
using Zimbra vulnerability ID 152
Ransomware	Spectris Business Systems id153 View details	2023-04-09		Services
using Zimbra vulnerability ID 153
Ransomware	Мебельснаб id154 View details	2023-04-09		Other
using Zimbra vulnerability ID 154
Ransomware	Orcutt Winslow id155 View details	2023-04-09		Other
using Zimbra vulnerability ID 155
Ransomware	Mangum Construction id156 View details	2023-04-09		Construction / Real Estate
using Zimbra vulnerability ID 156
Ransomware	AMET id157 View details	2023-04-09		Other
using Zimbra vulnerability ID 157
Ransomware	Preference Portugal id158 View details	2023-04-09		Communication / Marketing
using Zimbra vulnerability ID 158
Ransomware	Км Профиль id159 View details	2023-04-09		Other
using Zimbra vulnerability ID 159
Ransomware	Livitek id160 View details	2023-04-09		Other
using Zimbra vulnerability ID 160
Ransomware	Chernoff Thompson Architects id161 View details	2023-04-09		Other
using Zimbra vulnerability ID 161
Ransomware	Dalim Software GmbH id162 View details	2023-04-09		IT
using Zimbra vulnerability ID 162
Ransomware	Propac S.r.l. id163 View details	2023-04-09		Communication / Marketing
using Zimbra vulnerability ID 163
Ransomware	MetaContratas id164 View details	2023-04-09		Other
using Zimbra vulnerability ID 164
Ransomware	ISG Software Group id165 View details	2023-04-09		IT
using Zimbra vulnerability ID 165
Ransomware	еКредит id166 View details	2023-04-09		Other
using Zimbra vulnerability ID 166
Ransomware	IPG Automotive GmbH id167 View details	2023-04-09		Manufacturing / Engineering
using Zimbra vulnerability ID 167
Ransomware	AViSTO id168 View details	2023-04-09		Other
using Zimbra vulnerability ID 168
Ransomware	BeeVoip id169 View details	2023-04-09		Other
using Zimbra vulnerability ID 169
Ransomware	Anstel id170 View details	2023-04-09		Other
using Zimbra vulnerability ID 170

Malas

Overview

Top Countries

Known Leak Locations (1)

Top Activity Sectors