Ransomware Group intelligence
0apt
InactiveTrack 0apt with 190 published victims and 1 known leak locations in a single intelligence view.
Overview
0apt is tracked by Breach House as a ransomware group with 190 published victims.
United States is currently the most targeted country in this dataset.
1 known leak locations are currently associated with this group.
Top Countries
Interactive distribution based on the currently visible victims list.
Known Leak Locations (1)
| Label | Type | Availability | Links |
|---|---|---|---|
| Leak location 1 | Onion service | Unknown | oaptxiyisljt2kv3we2we34kuudmqda7f2geffoylzpeo7ourhtz4dad.onion |
Top Activity Sectors
No sector intelligence available.
Ransom Notes (0)
▼No ransom notes available for this group.
Tools Used
▼No tools used available.
YARA Rules (0)
▼No YARA rules available.
Indicators of Compromise (0)
▼No IoCs available for this group.
Negotiation Chats (0)
▼No negotiation chats available.
Research Sources
No external research sources linked yet.
Victims (190)
Search, filter and paginate the victim timeline for 0apt. Showing 101–190 of 190.
| Type | Target | Discovered | Country | Business Category | Intel Link |
|---|---|---|---|---|---|
| Ransomware | Prime Port Authorities id26040 View details | Communication / Marketing | — | ||
|
Prime Port Authorities is a port-authority related organization in the Communication / Marketing sector, a category that commonly covers stakeholder messaging, promotion, and public-facing communications for port and maritime businesses. Port authorities typically use marketing and communications to support business-to-business outreach, community relations, and institutional engagement, with offerings centered on service promotion and stakeholder communication. The entity name suggests a port- or logistics-focused authority or communications function, but publicly available details are limited. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Titan Mining Corp id26039 View details | Canada | Services | — | |
|
Titan Mining Corporation is an Augusta Group company based in Canada with corporate contact information in Vancouver and Toronto, and it operates in the natural resources space rather than the mining-services sector implied by the listing. Public company materials say Titan produces zinc concentrate at its 100%-owned Empire State Mine in New York and is also developing natural flake graphite production. The company presents itself as a growing zinc producer with exposure to graphite, supported by mineral extraction, processing, and project development activities. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Skyline Logistics Group id26038 View details | United States | Transportation / Travel / Logistics | — | |
|
Skyline Logistics Group is a US-based transportation and logistics company associated with freight movement, delivery, and related supply-chain services. Public business listings describe Skyline Logistics as operating in freight and logistics services and providing transportation, logistics, and delivery support across the United States. The company is also listed in federal carrier records as a logistics broker, reflecting its role in coordinating transport services. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | EverGreen Agricultural id26037 View details | United States | Agriculture / Food | — | |
|
EverGreen Agricultural is a United States company in the agriculture and food sector, a broad field that includes farming, agronomy, and related food production activities. Publicly available search results do not provide enough verified detail to identify its exact offerings, so this description stays at the sector level. In threat-intelligence indexing, the name is used to identify a U.S.-based agricultural business context rather than a consumer brand. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Lumina Advertising id26036 View details | Romania | Communication / Marketing | — | |
|
Lumina Advertising is a communication and marketing company in Romania, a country in southeastern Europe. The business operates in the advertising and marketing services space, where firms typically support brand strategy, campaign planning, creative production, and client communications. Its name indicates a commercial services provider focused on promotional and market-facing work. In threat-intelligence indexing, Lumina Advertising was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Zenith Aerospace id26035 View details | United States | Communication / Marketing | — | |
|
Zenith Aerospace is a US-based aerospace technology company focused on aerial telecommunications systems and stratospheric aircraft that support internet access without ground infrastructure. Public company profiles describe it as operating in aviation and aerospace component manufacturing, with a Belmont, California presence and offerings aimed at resilient communications for telecom, remote, defense, and recovery use cases. Its work centers on flight systems, autonomy, and communications technologies designed to expand connectivity and data-sharing capabilities. In the threat-intelligence index, Zenith Aerospace was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Metro Food Wholesalers id26034 View details | Agriculture / Food | — | ||
|
Metro Food Wholesalers is a food-sector wholesaler; available business listings describe Metrofoods as a wholesale distributor of food products, cleaning essentials, and packaging solutions based in Auckland, New Zealand. Another company record with a similar name shows a UK-registered Metro Food Wholesale Ltd, but the public results do not clearly confirm which legal entity is meant here. In this context, the name refers to a wholesale food business in the Agriculture / Food sector, serving buyers that need bulk supply and related trade goods. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | IronClad Security Services id26033 View details | Services | — | ||
|
IronClad Security Services, Inc. is a private security company based in Santa Clara, California, serving clients across the San Francisco Bay Area and broader California. Its published offerings include security guard services, patrol services, executive protection, and tailored security strategies for commercial and industrial settings. The company also describes service coverage for manufacturing facilities, storage facilities, commercial buildings, high-tech facilities, and government or military environments. In threat-intelligence indexing, IronClad Security Services is listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | CloudLink Systems id26032 View details | Canada | IT | — | |
|
CloudLink Systems is an IT solutions company headquartered in Canada, specializing in cloud encryption management and innovative technology delivery for organizations across the USA and globally. The firm offers cloud consulting, software development, and machine learning services as a certified AWS Partner, supporting diverse security workloads. Known for its ISO 9001:2015 and ISO 27001 certifications, CloudLink Systems delivers seamless IT solutions to meet business goals. The company was neutrally listed as a ransomware victim associated with the 0apt threat actor, underscoring emerging cyber threats in the IT sector. |
|||||
| Ransomware | EduPro University Group id26031 View details | Education | — | ||
|
EduPro University Group is an education services group headquartered in Vienna, Austria, focused on continuing education, further qualification, and adult learning. It operates across Austria, Germany, and Hungary and offers vocational qualification measures and related training services. The group describes its portfolio as ranging from individual mentoring to certified advanced training for learners and companies. In threat-intelligence indexing, EduPro University Group was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Horizon Energy Partners id26030 View details | United States | Energy | — | |
|
Horizon Energy Partners is an energy-sector company in the United States, identified in business records as a privately held oil and gas exploration and production firm with offices in Denver, Colorado and Houston, Texas. Public company profiles also describe related Horizon Energy Partners entities as operating in oil and gas, placing the name within the broader US energy industry. In cataloging and threat-intelligence contexts, it is treated as an energy-sector target rather than as a consumer-facing brand. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | alex Retail Solutions id26029 View details | Retail / E-commerce | — | ||
|
alex Retail Solutions is an Australia-based software company in Melbourne, Victoria, founded in 2016. It provides an enterprise data operations and metadata management platform, including data cataloging, governance, lineage, quality, glossary, compliance, and privacy tools, and serves sectors such as retail and e-commerce. Its retail offering is designed to help organizations manage operations and customer-related data more effectively. The company is headquartered in Melbourne and positions its platform around trusted data intelligence for business users. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | PureStream Water Corp id26028 View details | United States | Manufacturing / Engineering | — | |
|
PureStream Water Corp is a United States-based company in the manufacturing and engineering space. Public web results do not provide a clear official corporate profile for the exact entity, but the name suggests a water-related industrial business that may operate in treatment, equipment, or services. In the absence of a verified company disclosure, the safest description is a US manufacturing and engineering firm associated with water-sector offerings. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | BioGenix Pharmaceuticals id26027 View details | United States | Healthcare / Pharma | — | |
|
BioGenix Pharmaceuticals is a leading regenerative therapy company based in the United States, specializing in preventative and regenerative medicine to help patients recover from past injuries. The company operates across multiple locations including Houston, Texas, Irvine, California, and San Diego, California, offering advanced therapies that transform healthcare outcomes. BioGenix is recognized as the World's Leading Regenerative Therapy Company, driven by the recognition that regenerative medicine presents hope to patients. It was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Global Media Alliance id26026 View details | Ghana | Communication / Marketing | — | |
|
Global Media Alliance is a Ghana-based communications and media company in Accra, Greater Accra, with a presence in public relations, media consultancy, events management, creative services, digital marketing, and brand activation. Company materials describe it as a leading integrated media and entertainment firm that supports clients with broadcasting, corporate communications, crisis management, and social media marketing. Its footprint extends across multiple African markets, including West Africa. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Vertex Law Chambers id26025 View details | India | Finance / Legal / Insurance | — | |
|
Vertex Law Chambers appears to be a legal-services entity operating in India, where firms in this segment typically advise clients on corporate, litigation, finance, and related regulatory matters. Publicly available business listings and law-firm profiles under the Vertex name point to legal and advisory services, including corporate and banking-related work, though the exact operating footprint of this specific entity is not fully clear from available sources. In catalog and threat-intelligence indexing, the name is therefore best treated as a legal-sector organization in India rather than as a consumer-facing brand. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Silverline Auto Mfg id26024 View details | United States | Manufacturing / Engineering | — | |
|
Silverline Auto Mfg operates in the manufacturing and engineering sector within the United States, focusing on automotive production and related industrial offerings. The entity is based in the US and delivers specialized manufacturing solutions for the automotive industry. While specific product details are not publicly confirmed, its sector alignment indicates involvement in auto component or system fabrication. Silverline Auto Mfg was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Oceanic Cruise Lines id26023 View details | Other | — | ||
|
Oceanic Cruise Lines appears to refer to Oceania Cruises, a U.S.-based luxury cruise line headquartered in Miami, Florida, and part of Norwegian Cruise Line Holdings. The brand operates small ships and promotes culinary- and destination-focused voyages, with itineraries to more than 600 destinations worldwide. Public company and brand sources describe it as an adults-only, upper-premium cruise operator offering immersive travel, elegant ships, and specialty dining. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Terraform Real Estate id26022 View details | United States | Construction / Real Estate | — | |
|
Terraform Real Estate is a real estate development and investment brand operating in the United States, with listings and company profiles pointing to activity in the construction and real estate space. Publicly available business profiles describe Terraform-related firms as focused on property development, investment management, and net lease projects. The name is also used by real estate businesses in different markets, so sector and location should be read in context. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | FutureTech AI id25984 View details | IT | — | ||
|
FutureTech AI is an IT-sector company associated with AI and data science solutions, presenting itself as a provider that helps enterprise organizations accelerate adoption of advanced AI and related software tools. Public materials describe Future Tech Enterprise, Inc. as an award-winning IT solutions provider with global reach, and its AI-focused offering emphasizes curated data science stacks for enterprise use. Based on the available sources, the company is best characterized as an IT services and AI solutions brand with operations centered on enterprise technology support. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Urban Outfitters Ltd id25983 View details | United States | Services | — | |
|
Urban Outfitters Inc. is a Philadelphia-based U.S. lifestyle retailer in the services and retail space, founded in 1970. It operates a multibrand business that includes stores and e-commerce, with apparel and home goods among its core offerings. Public company profiles describe it as a global lifestyle brand with a broad consumer retail footprint in the United States and abroad. In threat-intelligence indexing, Urban Outfitters Ltd was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | National Rail Network id25982 View details | Telecommunications | — | ||
|
National Rail Network is a telecommunications-focused organization operating within the rail infrastructure sector, primarily serving customers in England, Scotland, and Wales by providing passenger service information and train location data. It functions as a definitive source for customer information on National Rail passenger services across these regions, offering real-time updates on train running and forward progress through its Track Your Train service. The entity reinvests its income into railway operations and operates as a non-departmental public body under the Department for Transport with no shareholders. National Rail Network was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | CryptoVault Exchange id25981 View details | Norway | Other | — | |
|
CryptoVault Exchange is a cryptocurrency platform operating in Norway, offering digital asset trading and related financial services to users in the crypto sector. As a crypto-friendly location, Norway supports businesses providing secure payment ecosystems for customers, agents, or employees seeking complete access to digital currencies. The platform functions within the broader cryptocurrency market, which continues to expand globally with increasing adoption of trading and investment activities. CryptoVault Exchange was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Elite Hospitality Group id25980 View details | Bahrain | Healthcare / Pharma | — | |
|
Elite Hospitality Group is a hospitality company based in the Kingdom of Bahrain, with its main offices in Manama and PO Box 5458. Company materials describe it as a leading Bahrain hospitality brand that offers all-suite four-star accommodation and a range of lifestyle lodging options. Its public profiles also describe it as a provider of quality accommodation services in Bahrain. In threat-intelligence indexing, Elite Hospitality Group was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Noble Pharma id25979 View details | Japan | Healthcare / Pharma | — | |
|
Nobelpharma Co., Ltd. is a Japanese pharmaceutical company headquartered in Tokyo, Japan, with a focus on research, development, approval, and commercialization of medicines and medical devices. The company emphasizes treatments for unmet medical needs, including drugs for rare or difficult diseases that larger firms may overlook. Its profile describes a business that advances products through later-stage clinical trials, regulatory review, approval, pricing, and sales in Japan. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Rapid Courier Services id25978 View details | Services | — | ||
|
Rapid Courier Services is a San Diego, California-based courier company in the Services sector, described in business listings as providing medical and general delivery services. Its offerings include secure, compliant medical logistics as well as broader business courier support for documents, packages, and specialized deliveries. The company profile also identifies it as an established courier provider serving local delivery needs. Rapid Courier Services was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Global News Corp id25977 View details | Services | — | ||
|
Global News Corp Ltd is a United Kingdom company in the services sector, with public corporate filings showing it as a registered business in the UK. Available records identify the entity by its corporate registration and administrative profile rather than by a detailed public product or service description. In threat-intelligence indexes, the name should be treated as a distinct company record and not conflated with similarly named global media groups. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Zenith Telecom id25976 View details | Telecommunications | — | ||
|
Zenith Telecom is a telecommunications company operating in the communications sector, serving business and network-related connectivity needs. Public business profiles describe it as a telecoms and systems-integration consultancy, while other listings use the name for telecom services firms in different countries, so the exact legal entity and location should be verified from primary records. In the telecommunications industry, companies under this name are associated with providing voice, data, connectivity, or related support services to commercial clients. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Visionary Architects id25975 View details | Communication / Marketing | — | ||
|
Visionary Architects is associated with communication and marketing services in the United States, a sector that typically includes branding, outreach, and related client-facing work. Public directory and profile listings describe Visionary Architects as a design and architecture-related firm, with references to integrated design, master planning, and marketing-oriented services across similar business records. The name is also used in profiles tied to architecture and marketing communications, so the entity should be understood in that broader professional-services context. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Titan Construction id25974 View details | Construction / Real Estate | — | ||
|
Titan Construction is a construction company profile associated with the construction and real estate sector in the United States. Public business listings describe Titan Construction Group as a Midlothian, Virginia–based regional general contractor specializing in retail, restaurant, and office construction, with services that include project budgeting, development, and design/build. Separate business records also use the Titan Construction name for construction and remodeling firms in Indiana and Kansas, reflecting the broader, industry-specific branding behind the name. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Metro General Hospital id25973 View details | Healthcare / Pharma | — | ||
|
Metro General Hospital is a hospital listing in the Healthcare / Pharma sector, described as a provider of patient care services in a medical setting. The name is used by several hospital entities in the United States, including hospitals serving Cleveland and Nashville, which offer inpatient and outpatient care, emergency services, and other clinical treatment options. Because the query does not identify a single verified location, this entry is kept general and limited to the healthcare context supported by the available sources. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Obsidian Tech Labs id25972 View details | United States | IT | — | |
|
Obsidian Tech Labs is an IT-related technology company in the United States, appearing in public company listings under the Obsidian name and associated with software and digital infrastructure work. Available public profiles identify it as a U.S.-based technology business with a Delaware location and a focus on gaming and crypto-adjacent infrastructure offerings. A separate threat-intelligence report states that 0apt claimed responsibility for a ransomware attack against Obsidian Tech Labs on January 30, 2026. The listing identifies Obsidian Tech Labs as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Diamond Deep Drilling id25971 View details | Energy | — | ||
|
Diamond Deep Drilling is an Energy-sector company name associated with drilling services, a field that commonly supports exploration and production work in the energy industry. In this context, drilling companies may operate rigs, core samples, and related field services for subsurface evaluation and resource development. Available public search results did not provide a reliable official company profile, so a more detailed location or offerings description cannot be confirmed here without risking inaccuracy. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Solaris Renewable Energy id25970 View details | Energy | — | ||
|
Solaris Renewable Energy is an Energy-sector company associated with solar development, financing, and asset management services. Public company profiles describe it as based in Fort Collins, Colorado, and focused on distributed solar energy systems for non-residential customers, including low-cost financing arrangements and asset management. Its offerings are presented as part of the broader renewable energy transition, with services that support project development and long-term operation. In threat-intelligence indexing, Solaris Renewable Energy was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sapphire Jewelry id25969 View details | Other | — | ||
|
Sapphire Jewelry is a jewelry business that operates in the broader jewelry sector, a category that includes sapphire rings, gemstone jewelry, and related retail offerings. Publicly available business listings and industry sources show that sapphire jewelry retailers commonly sell rings, necklaces, bracelets, and other gemstone pieces, with some firms also offering custom or luxury jewelry services. In this context, Sapphire Jewelry is cataloged as an entity in the jewelry market rather than a technology or services firm. The listing identifies Sapphire Jewelry as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Pacific Ocean Cargo id25968 View details | Transportation / Travel / Logistics | — | ||
|
Pacific Ocean Cargo appears to operate in the transportation, travel, and logistics sector, where companies coordinate freight movement, warehousing, and related supply-chain services. Public web results for similarly named Pacific Ocean logistics businesses describe ocean freight, air freight, road transport, forwarding, and container-handling services in the United States and abroad. In this industry, firms typically manage shipping flows across ports, carriers, and inland routes for commercial customers. Pacific Ocean Cargo was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | IronClad Security id25967 View details | Other | — | ||
|
IronClad Security appears to be a security services business in the United States, offering guard, patrol, and executive protection services. Public directory listings place Ironclad Security Services in Santa Clara, California, and describe service coverage across the San Francisco Bay Area and California. Another business profile for Ironclad Security, LLC identifies the company in the investigation and security services industry. In this index, IronClad Security was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Emerald Agriculture id25966 View details | Agriculture / Food | — | ||
|
Emerald Agriculture is an agriculture and food-sector company; available public records also point to a related U.S. business, Emerald BioAgriculture, based in Butte, Montana, that develops and supplies bio-nutrient and biostimulant products for crop performance. In sector terms, its offering aligns with plant nutrition, yield enhancement, and broader farm-input solutions used in agricultural production. Public company listings and industry materials indicate a small specialist operation rather than a diversified agribusiness, with a U.S. presence centered in Montana. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | GreenValley Agriculture id25965 View details | Agriculture / Food | — | ||
|
GreenValley Agriculture is an Egyptian agricultural company established in 2010 that grows, packs, and exports fresh produce. Its product range includes green beans, grapes, sugar snap peas, pomegranates, watermelon, and eggplant, and the company says it operates with multiple offices and packhouse capacity for seasonal output. Public company materials present it as a supplier of high-quality fresh produce with certifications including GlobalG.A.P., BRC, and TNC. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Crimson Fashion House id25964 View details | Other | — | ||
|
Crimson Fashion House is a Pakistan-based fashion retailer associated with Crimson, a clothing brand that sells embroidered and ready-to-wear apparel through an online retailer network. Its retailer page lists stockists in Pakistan and also shows international outlets in Bangladesh, Dubai, India, the United Kingdom, and the United States. The brand’s retail footprint indicates a consumer-facing apparel business with distribution beyond its home market. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Golden Chip Casino id25963 View details | Other | — | ||
|
Golden Chip Casino is a casino-branded entity in the Other sector; available web results do not provide a verified operating profile, location, or service details for a specific company by that name. The name may also overlap with casino loyalty or promotional terms used by online gaming brands, so public information should be treated cautiously. In threat-intelligence contexts, the listing identifies the entity by name rather than confirming the full scope of its business. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | EduTech Systems id25962 View details | IT | — | ||
|
EduTech Systems appears to be an IT-sector company associated with digital education services and related technology offerings. Publicly available references describe EduTech Systems as supporting the full spectrum of digital education, including interactive learning platforms and data-driven school management systems. The name and sector indicate an organization operating in education technology or adjacent software services, but no authoritative public profile in the provided results confirms a more specific corporate location or product line. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Silver City Bank id25961 View details | United States | Finance / Legal / Insurance | — | |
|
Silver City Bank is a U.S. financial institution name associated with the banking sector, where firms typically provide deposit, lending, and related account services to consumers and businesses. In catalog and threat-intelligence contexts, the name is used to identify a finance-sector entity operating in the United States, with a profile aligned to banking and adjacent legal or insurance services. Publicly available search evidence was insufficient to verify a detailed, first-party business profile for this exact entity, so this description remains limited to the sector and country provided. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Unity Insurance id25960 View details | Finance / Legal / Insurance | — | ||
|
Unity Insurance is an insurance company in the United States that provides insurance services and related coverage options through a local agency model. Public listings describe Unity Insurance and Investments as serving Minnesota and North Dakota, with offices in Red Lake Falls, Mentor, and Plummer, and offering free quotes on personal and commercial insurance products. Other public profiles describe Unity Insurance as a full-service independent insurance agency with a broad portfolio of insurance solutions. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Blue Water Utilities id25959 View details | Energy | — | ||
|
Blue Water Utilities is an energy-sector entity, and the name indicates a utility or utility-related business serving energy operations in the United States. Publicly available company profiles tied to the Blue Water name describe energy services such as technical support, offshore solutions, power-sector support, and related industrial services. Energy utilities and service providers typically support generation, operations, infrastructure, or field services across the power and industrial supply chain. In threat-intelligence listings, Blue Water Utilities was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Harbor Port Authority id25958 View details | Public Sector | — | ||
|
Harbor Port Authority is a public sector port authority in the United States, a type of agency that manages port assets, supports harbor protection and navigation safety, and oversees infrastructure and services that keep maritime trade moving. Port authorities commonly regulate fees and safety, maintain piers and waterways, and may also coordinate cargo handling, warehousing, and other day-to-day port functions. In practice, they help facilitate trade, support local economic activity, and manage the public infrastructure that serves the port community. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Ironworks Construction id25957 View details | Construction / Real Estate | — | ||
|
Ironworks Construction is presented as a company in the construction and real estate space, a sector that typically includes building, renovation, property development, and related project services. Publicly available search results do not provide enough verified detail to confirm its exact location or full service profile, so this listing treats the firm conservatively as a construction-sector entity with real estate ties. In threat-intelligence indexing, such entities are often cataloged by industry to help analysts track exposure patterns across infrastructure-adjacent organizations. Ironworks Construction was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | North Star Media id25956 View details | United States | Communication / Marketing | — | |
|
North Star Media Group is a full-service advertising and media buying agency based in the United States, specializing in strategic planning and placement of radio commercials, programs, and print advertising both locally and nationally. The agency offers services including media placement, audio and print production, creative design, and graphic design, positioning itself as a leading media buyer for radio paid programming placement. Operating primarily in the Communication and Marketing sector, the company serves clients across the US with comprehensive media buying solutions. The firm was neutrally listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | Radiant Solar Farms id25955 View details | Agriculture / Food | — | ||
|
Radiant Solar Farms is an Agriculture / Food-sector company in the United States, a category that often includes farming operations and related agricultural production. The name suggests a business focused on solar-linked farm activity or land use, but no authoritative public source in the provided results identifies its exact offerings or location. In agrivoltaic settings, agriculture and solar power are co-located on the same land, supporting crops, livestock, or other farm uses alongside energy generation. Radiant Solar Farms was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Kinetic Auto Makers id25954 View details | India | Other | — | |
|
Kinetic Auto Makers appears to be an India-based automotive company associated with the country’s broader automotive manufacturing and parts ecosystem. Publicly available sources on similarly named Kinetic entities describe businesses involved in vehicle, parts, or mobility-related offerings, but the exact public profile for Kinetic Auto Makers is limited in the available record. In threat-intelligence contexts, such listings help identify organizations connected to ransomware activity without asserting unverified incident details. Kinetic Auto Makers was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Velocity Automotive id25953 View details | Manufacturing / Engineering | — | ||
|
Velocity Automotive is a U.S.-based automotive technology company that provides software for dealerships, with tools aimed at sharing car-buying information, streamlining vehicle acquisition, and improving reconditioning and merchandising workflows. Its public website says the platform is built for faster, more efficient vehicle acquisition, reconditioning, and merchandising, and lists a Florida business address. In industry terms, it sits at the intersection of manufacturing and engineering software for automotive retail operations. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Stellar Aviation Parts id25952 View details | Manufacturing / Engineering | — | ||
|
Stellar Aviation Parts is a U.S.-based aviation business in the manufacturing and engineering space, with web listings tied to aircraft parts supply and aviation services. Publicly available company pages indicate offerings that include sourcing, supplying, and supporting aircraft parts and related aviation operations, with locations in Nevada and other U.S. markets. The name is associated online with Stellar Aviation Group and related aviation service entities, which present themselves as providers of aircraft parts and FBO support. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Quantum Research Labs id25951 View details | Other | — | ||
|
Quantum Research Labs is a research-focused organization in the quantum science and technology space, a sector that develops controlled environments and advanced systems for studying and building quantum devices. Publicly available search results do not provide a verified company profile, location, or product catalog for this exact entity, so its offerings cannot be stated beyond its name and sector. In threat-intelligence indexing, the name is treated as an organization in the research domain rather than as a confirmed manufacturer or service provider. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Noble & Associates Law id25950 View details | United States | Finance / Legal / Insurance | — | |
|
Noble & Associates Law is a US law firm based in Naperville, Illinois, that specializes in workers' compensation defense and general legal representation for related matters. Public business listings and the firm’s own site describe it as serving clients in the legal services sector, with an emphasis on defending workers' compensation cases in Illinois. In the broader Finance / Legal / Insurance category, it fits the profile of a professional-services firm handling regulated client matters and claims-related work. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Pacific Fisheries id25949 View details | Other | — | ||
|
Pacific Fisheries is a U.S.-based seafood business name associated in public sources with Pacific Seafood, a family-owned company founded in 1941 and headquartered in Clackamas, Oregon. The company supplies seafood products and works across the fishing supply chain, including direct relationships with independent commercial fishing vessels. It operates in the broader Other sector as a private-sector food and fisheries enterprise. Pacific Fisheries was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Apex Law Firm id25948 View details | United States | Finance / Legal / Insurance | — | |
|
Apex Law Firm is a US-based law firm serving clients in the legal sector, with publicly available listings that place it in Tampa, Florida, and describe practice areas including personal injury and insurance-related matters. Its website also references representation in complex litigation and financial services, indicating a broader civil litigation and advisory focus. Public business profiles and site pages identify it as a law office that helps clients pursue claims and handle disputes with insurers and other responsible parties. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Quantum Physics Lab id25947 View details | Other | — | ||
|
Quantum Physics Lab is listed in the Other sector, but the available results do not identify a specific public-company profile, location, or service portfolio for that exact name. In general, a quantum physics lab is a specialized research environment that studies quantum mechanics and may support experimental physics, instrumentation, and quantum technology development. Public sources on quantum laboratories describe them as carefully controlled facilities where scientists design, build, and test quantum devices and computing systems. The entity was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | BlueSky Aviation id25946 View details | Kenya | Transportation / Travel / Logistics | — | |
|
BlueSky Aviation is a transportation and logistics company based in Kenya (KE), specializing in air freight, cargo charter services, and comprehensive travel solutions for the region. The firm operates its own fleet of aircraft to deliver economical to urgent shipments across Europe and beyond, catering to time-sensitive logistics needs in the travel and freight sector. As a key player in Kenya’s transportation industry, it provides customized air capacity options and charter services tailored to diverse client requirements. BlueSky Aviation was listed as a ransomware victim associated with the threat actor 0apt, marking a significant incident in the country’s logistics sector. |
|||||
| Ransomware | Summit Education Trust id25945 View details | South Africa | Education | — | |
|
Summit Education Trust is an education-related organisation in South Africa, placing it within the education sector and the ZA country context. Publicly available references show Summit Educational Trust as a South African trust focused on improving education and related community outcomes, while similarly named Summit Education Trust entities are associated with school and learning initiatives. Based on the available information, it is best described as an education-focused trust or institution operating in South Africa. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Horizon Travel Agency id25944 View details | Transportation / Travel | — | ||
|
Horizon Travel Agency is a travel-services business in the Transportation / Travel sector, operating as a full-service agency with locations reported in the United States and India. Public business listings describe it as offering vacation packages, cruises, international travel, and concierge-style support for corporate and leisure trips. Other company profiles also indicate travel planning services that can include transportation, accommodations, and custom itineraries. In threat-intelligence indexing, it was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | City Transit Authority id25943 View details | Public Sector | — | ||
|
City Transit Authority is a public sector transit organization that provides local transportation services for residents and visitors in its service area. Such authorities typically manage bus, rail, or paratransit operations and support day-to-day mobility for the communities they serve. In public-sector transit, the agency’s role centers on operating routes, maintaining service continuity, and coordinating rider access across the network. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Eclipse Software House id25942 View details | Poland | IT | — | |
|
Eclipse Software House is an IT-sector company in Poland, and available business records place Eclipse Poland Limited Sp. z o.o. in Wroclaw, with operations classified under computer systems design and related services. It is described as a software company in the Polish market, consistent with a provider of software development and related IT services. Public company data identify its headquarters in Wroclaw, Dolnoslaskie, Poland. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Omega Manufacturing id25941 View details | Manufacturing / Engineering | — | ||
|
Omega Manufacturing is a North Carolina-based precision machining company in the manufacturing and engineering sector. It specializes in high-quality parts made from metals, plastics, and machinable ceramics, with custom machining work including Wire EDM and prototype production. Public business profiles place it in Charlotte, North Carolina, and describe it as serving industrial customers across the United States. In threat-intelligence indexing, it was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Vanguard Security id25940 View details | Other | — | ||
|
Vanguard Security is a UK-based security services company associated with physical protection and facility support offerings, including bespoke security solutions and one-stop facility management services. Company listings place Vanguard Security Services Limited in Normanton, West Yorkshire, while other business records show a related Vanguard Security entity registered in England. In this context, the name refers to a commercial security provider rather than a cybercrime group or software vendor. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Meridian Logistics id25939 View details | Transportation / Travel / Logistics | — | ||
|
Meridian Logistics S A is a Colombia-based company headquartered in Bogotá D.C. that operates in support activities for transportation and related logistics services. Company profile data shows it has served the Colombian market since 2003 and is part of the transportation and travel logistics sector. Public business directories describe the firm as focused on transportation support and logistics-related operations. Meridian Logistics was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Prime Estate Developers id25938 View details | Communication / Marketing | — | ||
|
Prime Estate Developers is a real estate development company based in Pakistan, operating under the Prime Estate Developers name and presenting itself as a provider of property development services. Its public materials emphasize customer service and personalized experiences, indicating a business focused on real estate development and related client engagement. The company appears in the communication/marketing context of the threat-intelligence index because of its online profile and sector tagging. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Solstice Energy Grid id25937 View details | Energy | — | ||
|
Solstice Energy Grid is an energy-sector company in the United States. Publicly available references to the Solstice brand describe a clean-energy business focused on solar and community-solar offerings, helping customers access and save on electricity through renewable-energy programs. Available sources also place related Solstice operations in Salt Lake City, Utah, and Houston, Texas, reflecting a U.S. footprint in distributed energy services. In a threat-intelligence context, Solstice Energy Grid was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Nexus IT Services id25936 View details | India | Services | — | |
|
Nexus IT Services is a managed IT services provider operating in the Services sector, offering high-impact IT solutions to help businesses focus on their core operations. The company specializes in delivering strategic managed services, cybersecurity, and cloud solutions to regulated and growth-focused organizations. Based in India, Nexus IT Services empowers clients by providing proactive security, innovative technology, and seamless support. The organization was neutrally listed as a ransomware victim associated with the 0apt threat actor. |
|||||
| Ransomware | Delta Energy Corp id25935 View details | United States | Energy | — | |
|
Delta Energy Corp is a United States energy-sector company, but publicly available search results do not provide enough reliable detail to confirm its exact offerings or operating profile. In general, entities in this sector may be involved in power, fuels, utilities, or related energy services, but this listing should not be read as a definitive company profile. The record is presented for threat-intelligence indexing purposes and uses the company name and sector as provided. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Terra Real Estate id25934 View details | Türkiye | Construction / Real Estate | — | |
|
Terra Real Estate is a licensed real estate agency based in Alanya, Antalya, Turkey, operating under the legal entity TERRA Real Estate Emlak İnşaat Limited Şirketi. The company presents itself as a property specialist in Turkey, offering sales and consulting services across locations including Alanya, Antalya, Belek, Bodrum, Gazipaşa, Istanbul, Kemer, Mersin, and Side. Its public materials describe property search, investment support, and related real estate services for buyers in the Turkish market. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Silverline Hospitals id25933 View details | India | Healthcare / Pharma | — | |
|
Silverline Hospitals is a healthcare provider in Kochi, Kerala, India, operating from Kadavanthara and serving patients in the city and surrounding region. Public listings describe it as a hospital focused on diabetes, thyroid, obesity, and other endocrine disorders, with additional departments such as cardiology, ophthalmology, urology, podiatry, and physiotherapy. The hospital also advertises outpatient support, consultations, and patient-assistance services typical of a multi-specialty medical facility. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Prism Media Network id25932 View details | Communication / Marketing | — | ||
|
Prism Media Network operates within the Communication and Marketing sector, delivering content creation and strategic marketing services to clients across the United States. The organization specializes in developing compelling content, managing social media campaigns, and providing expert marketing solutions such as paid search and web analytics to drive business success. Its offerings are designed to help clients navigate digital marketing with confidence while ensuring clear and effective communication. Prism Media Network was listed as a ransomware victim associated with the threat actor 0apt. |
|||||
| Ransomware | NeoTech Solutions id25931 View details | IT | — | ||
|
NeoTech Solutions is an IT and digital services company based in Edison, New Jersey, with additional operations in the United States and India. Its public materials describe offerings in digital and engineering solutions, including custom software and related business technology services. Company listings and profiles also place it in the IT consulting and software development space. In threat-intelligence catalogs, NeoTech Solutions was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Aegis Defense Systems id25930 View details | United States | Communication / Marketing | — | |
|
Aegis Defense Systems is a US-based company in the communication and marketing sector, a field centered on brand messaging, audience engagement, and promotional services. Publicly available search results do not provide enough reliable detail to confirm its exact product lineup or service scope, so a conservative catalog description is most accurate. In threat-intelligence indexing, it is identified by name, sector, and country rather than by unverified operational claims. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Omni Retail Group id25929 View details | United States | Retail / E-commerce | — | |
|
OMNI Retail Group is a Seattle-based US company serving the retail and e-commerce market with an omnichannel, cloud-based shopping solution for retailers and manufacturers. Its materials describe the business as focused on helping enterprise retailers improve conversion and shopper experience through a digitally integrated commerce platform. Public company-profile sources also place its headquarters in Seattle, Washington. OMNI Retail Group was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Summit Financial Group id25928 View details | United States | Finance / Legal / Insurance | — | |
|
Summit Financial Group is a US-based financial services company associated with the finance, legal, and insurance space, with publicly available listings describing offerings that include investment advisory, wealth management, benefits, risk management, and insurance-related services. Depending on the specific Summit Financial Group entity, its public profiles indicate operations tied to advisors, clients, or benefit-plan and insurance support. As a catalog entry, it is best treated as a financial-services organization rather than a technology or industrial firm. Summit Financial Group was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Cobalt Mining Corp id25927 View details | Canada | Services | — | |
|
Cobalt Mining Corp is a Canadian services-sector company. Based on its name, it appears to be associated with mining-related services rather than mineral production, but publicly available source material in this search set does not provide a fuller corporate profile. The company is identified here as a Canada-based services entity in a threat-intelligence listing context. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Global Logistics Hub id25926 View details | Transportation / Travel / Logistics | — | ||
|
Global Logistics HUB LTD is a logistics company in Ukraine that says it provides a full range of freight forwarding services from its office in Bila Tserkva, Kyiv Oblast. In logistics, a hub is a central node used to receive, sort, store, consolidate, and redistribute goods across supply chains. The company’s public materials present it as a modern logistics operator serving shipment movement and coordination needs. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Stratos Aerospace id25925 View details | Communication / Marketing | — | ||
|
Stratos Aerospace is a Fort Worth, Texas-based aerospace hardware supplier that sells fasteners and related fabricated metal products for aerospace applications. Its public company information describes a focus on aerospace hardware, including nuts, bolts, rivets, brackets, and other specialty fasteners, with operations centered in Fort Worth, Texas. The business is also described in industry listings as serving aerospace and aviation customers. In threat-intelligence catalogs, Stratos Aerospace was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Quantum Financial Corp id25900 View details | United States | Finance / Legal / Insurance | — | |
|
Quantum Financial Corp is a US-based entity in the finance, legal, and insurance space, a sector that commonly includes advisory, insurance, and related financial services. Public search results do not provide a definitive company profile for this exact name, so this listing treats it as a financial-services organization operating in the United States. In threat-intelligence contexts, such firms are often indexed because their names appear in incident reporting or victim disclosures tied to cyber extortion activity. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Summit Global Energy id25884 View details | Energy | — | ||
|
Summit Global Energy is an energy-sector company in the United States, operating in a field that includes the production, trading, distribution, or support of energy-related products and services. The name indicates a business centered on energy markets rather than a consumer-facing brand, and the sector places it among organizations that manage critical infrastructure, supply chains, or commercial energy services. Publicly available information does not provide enough reliable detail here to confirm a more specific location or product mix without risking invention. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Nebula Bio-Tech Labs id25883 View details | IT | — | ||
|
Nebula Bio-Tech Labs is presented as an IT-sector company in France. Publicly available material does not provide enough reliable detail to confirm its exact offerings, so a cautious description is appropriate. The name suggests a technology-focused lab or services business, but the available sources do not verify more specific operations. In threat-intelligence catalogs, it is referenced in connection with a ransomware incident attribution to 0apt. |
|||||
| Ransomware | Orion Legal Partners id25880 View details | United States | Finance / Legal / Insurance | — | |
|
Orion Legal Partners is a U.S.-based legal-services organization in the Finance / Legal / Insurance space. Public transaction disclosures describe Orion Legal MSO as a managed service organization supporting plaintiff law firms, with nonlegal operational support that can include marketing, technology, finance, talent, and administrative infrastructure. Its platform is designed to help partner firms run more efficiently while attorneys focus on legal work. In threat-intelligence listings, Orion Legal Partners was named as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Dr. Smith Dental Clinics id25879 View details | Healthcare / Pharma | — | ||
|
Dr. Smith Dental Clinics is a dental care provider in the Healthcare/Pharma sector, offering patient-focused oral health services and routine clinic-based treatment. Public listings for similarly named Smith dental practices show U.S. locations and offerings such as preventive care, cleanings, restorations, and other general dentistry services. As a healthcare entity, it falls within a sector frequently tracked in cyber-threat-intelligence reporting because patient-facing operations depend on continuous access to clinical systems. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Rapid Food Distributors id25878 View details | United States | Agriculture / Food | — | |
|
Rapid Food Distributors is a United States company in the agriculture and food sector. Food distributors in this industry buy, store, and move products through warehouse and logistics networks to supply downstream customers such as retailers, restaurants, and other foodservice buyers. Rapid Food Distributors is described as part of that distribution chain, serving the movement of food products across the supply network. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Sunrise Manufacturing Ltd. id25877 View details | Manufacturing / Engineering | — | ||
|
Sunrise Manufacturing Ltd. is a manufacturing and engineering company based in Rancho Cordova, California, with additional U.S. locations in Georgia, New Mexico, Washington, and Texas. It specializes in honeycomb dunnage materials, load securement solutions, void fill, and freight protection products for shipping and transit. The company says it has served customers since 1981 and supports industries such as electronics and food and beverage. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | GreenValley Regional College id25876 View details | Education | — | ||
|
GreenValley Regional College is an educational institution in the United States that operates in the education sector and offers college-level instruction and training. Publicly available references identify it as a college serving students through academic programs rather than as a commercial enterprise. In catalog and threat-intelligence contexts, it is described as a GreenValley Regional College ransomware victim associated with the 0apt threat actor. |
|||||
| Ransomware | TechnoSoft IT Services id25875 View details | India | IT | — | |
|
TechnoSoft IT Services is an India-based IT services provider that offers comprehensive technology support, technical services, mission-critical site maintenance, and manpower deployment. Its service profile also includes customized application support, consulting, process optimization, electrical and mechanical services, and 24/7 operational support for industrial environments. The company positions itself around keeping client systems stable, efficient, and continuously available across business operations. In the threat-intelligence index, TechnoSoft IT Services was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Apex Logistics Solutions id25874 View details | Australia | Transportation / Travel / Logistics | — | |
|
Apex Logistics Solutions is an Australian company in the transportation, travel and logistics sector, with operations tied to freight movement and supply-chain services. Public business listings for Apex-branded logistics firms indicate services such as freight forwarding, contract logistics, and transportation support, alongside a footprint that includes Australia. The name suggests a logistics-focused provider serving commercial shipping and distribution needs across domestic and international lanes. It was listed as a ransomware victim associated with 0apt. |
|||||
| Ransomware | Metropolis City Municipal id25873 View details | Public Sector | — | ||
|
Metropolis City Municipal refers to the City of Metropolis, Illinois, a public sector municipal government in the United States that provides essential city services to residents. The city’s official site says it offers utilities including electric, water, sewer, and garbage service, and it describes its mission as providing efficient and responsive city services. It also supports local infrastructure and economic development through municipal operations and public administration. It was listed as a ransomware victim associated with 0apt. |
|||||