Ransomware Group intelligence

Apt73

Active

Track Apt73 with 172 published victims and 11 known leak locations in a single intelligence view.

Victims 172 Known published victims in this dataset
First discovered 2024-04-22 Earliest victim discovery date
Last discovered 2026-07-06 Latest victim discovery date
Inactive since 12 days Days since the latest known victim
Top country United States 23 victims
Known locations 11 Leak or negotiation infrastructure tracked

Overview

Apt73 is tracked by Breach House as a ransomware group with 172 published victims.

United States is currently the most targeted country in this dataset.

11 known leak locations are currently associated with this group.

Top Countries

Interactive distribution based on the currently visible victims list.

Top Countries
Distribution

    Known Leak Locations (11)

    Label Type Availability Links
    Leak location 1 Web location Unknown eraleignews.com
    Leak location 2 Onion service Unknown wn6vonooq6fggjdgyocp7bioykmfjket7sbp47cwhgubvowwd7ws5pyd.onion
    Leak location 3 Onion service Unknown fleqwmg7xnanypt5km2m75l72q7nlcvlp2m4sdmgjxorsn6tb3zyp3qd.onion
    Leak location 4 Onion service Unknown apt73grpjgjwykrenq7vnjejue76vosdzptdvmonv7vyqnsyokrw57ad.onion
    Leak location 5 Onion service Unknown bashe4aec32kr6zbifwd5x6xgjsmhg4tbowrbx4pneqhc5mqooyifpid.onion
    Leak location 6 Onion service Unknown basheqtvzqwz4vp6ks5lm2ocq7i6tozqgf6vjcasj4ezmsy4bkpshhyd.onion
    Leak location 7 Onion service Unknown basherq53eniermxovo3bkduw5qqq5bkqcml3qictfmamgvmzovykyqd.onion
    Leak location 8 Onion service Unknown basherykagbxoaiaxkgqhmhd5gbmedwb3di4ig3ouovziagosv4n77qd.onion
    Leak location 9 Onion service Unknown basherykagbxoaiaxkgqhmhd5gbmedwb3di4ig3ouovziagosv4n77qd.onion
    Leak location 10 Onion service Unknown bashete63b3gcijfofpw6fmn3rwnmyi5aclp55n6awcfbexivexbhyad.onion
    Leak location 11 Onion service Unknown bashex7mokreyoxl6wlswxl4foi7okgs7or7aergnuiockuoq35yt3ad.onion

    Top Activity Sectors

    No sector intelligence available.

    Research Sources

    No external research sources linked yet.

    Victims (172)

    Search, filter and paginate the victim timeline for Apt73. Showing 1–100 of 172.

    Type Target Discovered Country Business Category Intel Link
    Ransomware dgcement.com id30288 View details Algeria Manufacturing / Engineering
    Ransomware dgcement.com id30288 View details Algeria Manufacturing / Engineering
    Ransomware azarestan.com id30286 View details Iran, Islamic Republic of Other
    Ransomware azarestan.com id30286 View details Iran, Islamic Republic of Other
    Ransomware vicentetrapani.com id30283 View details Argentina Other
    Ransomware vicentetrapani.com id30283 View details Argentina Other
    Ransomware westernint.com id30281 View details United States Finance / Legal / Insurance
    Ransomware westernint.com id30281 View details United States Finance / Legal / Insurance
    Ransomware aydeniz.com id30243 View details Türkiye Transportation / Travel / Logistics
    Ransomware aydeniz.com id30243 View details Türkiye Transportation / Travel / Logistics
    Ransomware flazio.com id30235 View details Brazil IT
    Ransomware flazio.com id30235 View details Brazil IT
    Ransomware holidaypalace.com id30236 View details Macao Hospitality / Food & Beverage / Tourism
    Ransomware holidaypalace.com id30236 View details Macao Hospitality / Food & Beverage / Tourism
    Ransomware ritavo.com id30228 View details Austria Retail / E-commerce
    Ransomware ritavo.com id30228 View details Austria Retail / E-commerce
    Ransomware kliknklik.com id29983 View details Indonesia Retail / E-commerce
    Ransomware kliknklik.com id29983 View details Indonesia Retail / E-commerce
    Ransomware gov.br id29984 View details Brazil Public Sector
    Ransomware gov.br id29984 View details Brazil Public Sector
    Ransomware viennaairport.com id29991 View details Austria
    Ransomware viennaairport.com id29991 View details Austria
    Ransomware smarty.arpinet.am id29577 View details Armenia IT
    Ransomware elections.mia.gov.am from WOLVES OF TURAN id29569 View details Armenia Public Sector
    Ransomware tkgm.gov.tr id29316 View details Türkiye Public Sector
    Ransomware minsa.com.mx id29317 View details Mexico Other
    Ransomware tvnmedia.com id29309 View details Poland Communication / Marketing
    Ransomware grupopetersen.com.ar id29302 View details Argentina Manufacturing / Engineering
    Ransomware narit.or.th id29303 View details Thailand Other
    Ransomware alkaloid.com.mk id29305 View details North Macedonia Healthcare / Pharma
    Ransomware ungererandcompany.com id29299 View details Germany Manufacturing / Engineering
    Ransomware trifecta.com id28519 View details United States Retail / E-commerce
    Ransomware credio.eu id28520 View details Austria Finance / Legal / Insurance
    Ransomware servicepower.com id28521 View details United Kingdom IT
    Ransomware bigalsfoodservice.co.uk id28522 View details United Kingdom Agriculture / Food
    Ransomware gannons.co.uk id28523 View details United Kingdom Finance / Legal / Insurance
    Ransomware pindrophearing.co.uk id28524 View details United Kingdom Healthcare / Medicine
    Ransomware talonsolutions.co.uk id28525 View details United Kingdom IT
    Ransomware northernsafety.com id28526 View details United States Retail / E-commerce
    Ransomware legilog.fr id28527 View details France IT
    Ransomware scopeset.de id28528 View details Germany IT
    Ransomware trinitesolutions.com id28529 View details United States IT
    Ransomware assurified.com id28530 View details United States Finance / Legal / Insurance
    Ransomware baldinger-ag.ch id28531 View details Switzerland Manufacturing / Engineering
    Ransomware lamaisonducitron.com id28532 View details France Agriculture / Food
    Ransomware protectasecurity.pe id28533 View details Peru Finance / Legal / Insurance
    Ransomware netromsoftware.ro id28534 View details Romania IT
    Ransomware sella.eng.br id28535 View details Brazil Construction / Real Estate
    Ransomware polleninformation.at id28536 View details Austria Healthcare / Medicine
    Ransomware sansirostadium.com id28537 View details Iran, Islamic Republic of Hospitality / Food & Beverage / Tourism
    Ransomware siapenet.gov.br id28538 View details Brazil Public Sector
    Ransomware certifiedinfosec.com id28539 View details United States Education
    Ransomware aliorbank.pl id28540 View details Poland Finance / Legal / Insurance
    Ransomware bms.com id28541 View details United States Healthcare / Pharma
    Ransomware minerasancristobal.com id28542 View details Mexico Energy
    Ransomware prixet.com id28543 View details IT
    Ransomware hl.co.uk id28544 View details United Kingdom Finance / Legal / Insurance
    Ransomware compensatii.gov.md id28545 View details Moldova, Republic of Public Sector
    Ransomware mahidol.ac.th id28546 View details Thailand Education
    Ransomware corahperu.org id28547 View details Peru Public Sector
    Ransomware amtaar.com id28548 View details United Arab Emirates Agriculture / Food
    Ransomware banak.com id28549 View details Türkiye Retail / E-commerce
    Ransomware bankasia-bd.com id28550 View details Bangladesh Finance / Legal / Insurance
    Ransomware bg.ac.rs id28551 View details Serbia Education
    Ransomware novoair-bd.com id28552 View details Bangladesh Transportation / Travel / Logistics
    Ransomware seit.cl id28553 View details Chile IT
    Ransomware gedco.ps id28554 View details Palestine, State of Energy
    Ransomware haca.ma id28555 View details Morocco Public Sector
    Ransomware shj.ae id28556 View details United Arab Emirates Public Sector
    Ransomware moccae.gov.ae id28557 View details United Arab Emirates Public Sector
    Ransomware vanheyghenstaal.be id28558 View details Belgium Manufacturing / Engineering
    Ransomware isosl.be id28559 View details Belgium Healthcare / Medicine
    Ransomware doghairinc.com id28560 View details United States Services
    Ransomware dpwh.gov.ph id28561 View details Philippines Public Sector
    Ransomware iam.ma id28562 View details Morocco Telecommunications
    Ransomware ires.ma id28563 View details Morocco Public Sector
    Ransomware 2m.ma id28564 View details Morocco Communication / Marketing
    Ransomware centrum.sk id28565 View details Slovakia Communication / Marketing
    Ransomware asunim.co id28566 View details Colombia Energy
    Ransomware egov.sc id28567 View details Seychelles Public Sector
    Ransomware phb.com id28568 View details Germany Finance / Legal / Insurance
    Ransomware whessoe.com.my id28569 View details Malaysia Manufacturing / Engineering
    Ransomware olpro.com.my id28570 View details Malaysia Manufacturing / Engineering
    Ransomware ifmis.go.ke id28571 View details Kenya Public Sector
    Ransomware algosaibi-gtb.com id28572 View details Saudi Arabia Manufacturing / Engineering
    Ransomware alx-pc.com id28573 View details Germany Education
    Ransomware arrawdah.org.sa id28574 View details Saudi Arabia NGOs / Associations
    Ransomware cofaco.com id28575 View details Colombia Agriculture / Food
    Ransomware dunav.com id28576 View details Serbia Finance / Legal / Insurance
    Ransomware grupo-principal.com id28577 View details Mexico Construction / Real Estate
    Ransomware jgpetrucci.com id28578 View details United States Construction / Real Estate
    Ransomware medikaplaza.com id28579 View details Pakistan Healthcare / Medicine
    Ransomware providentgh.com id28580 View details Ghana Finance / Legal / Insurance
    Ransomware tni.mil.id id17783 View details Indonesia Other
    Ransomware autogedal.ro id17616 View details Romania Transportation / Travel
    Ransomware boostheat.com id17231 View details France Manufacturing / Engineering
    Ransomware mistralsolutions.com id17174 View details India Services
    Ransomware India car owners id17173 View details India Telecommunications
    Ransomware coel.com.mx id17125 View details Mexico Communication / Marketing
    Ransomware realtaxcanada.com id17121 View details Canada Finance / Legal / Insurance