Ransomware Group intelligence
D1R
ActiveTrack D1R with 6 published victims and 1 known leak locations in a single intelligence view.
Overview
D1R is tracked by Breach House as a ransomware group with 6 published victims.
Germany is currently the most targeted country in this dataset.
1 known leak locations are currently associated with this group.
Top Countries
Interactive distribution based on the currently visible victims list.
Known Leak Locations (1)
| Label | Type | Availability | Links |
|---|---|---|---|
| Leak location 1 | Web location | Unknown | dirone3rl3vvq64ckcnrvhe2ogrhjrwu5u7hqzrlotu3rfvmqmmbsuqd.onion/items |
Top Activity Sectors
No sector intelligence available.
Ransom Notes (0)
▼No ransom notes available for this group.
Tools Used
▼No tools used available.
YARA Rules (0)
▼No YARA rules available.
Indicators of Compromise (0)
▼No IoCs available for this group.
Negotiation Chats (0)
▼No negotiation chats available.
Research Sources
No external research sources linked yet.
Victims (6)
Search, filter and paginate the victim timeline for D1R. Showing 1–6 of 6.
| Type | Target | Discovered | Country | Business Category | Intel Link |
|---|---|---|---|---|---|
| Ransomware | Bosch id30515 View details | Germany | Manufacturing / Engineering | — | |
|
Bosch.de is a leading German-based multinational engineering and technology company that operates in the manufacturing sector, offering a wide range of products and services. The company is headquartered in Gerlingen, Germany, and is known for its innovative solutions in areas such as automotive, industrial technology, and consumer goods. Bosch.de was listed as a ransomware victim associated with D1R |
|||||
| Ransomware | Bosch id30515 View details | Germany | Manufacturing / Engineering | — | |
|
Again, thanks to database Synopsys provided us with After analyzing technical leaks by other groups and cross-referencing targets from TARGETLIST.txt A company access was found and in the archives, a $10,000 gem: Bosch CAN module implementation Now it is going for free for every engineer and car enthusiast, thanks to Synopsys providing us with neat roadmap to tech sector Sorry, Bosch, you got third-partied! Call the Synopsys CEO and thank them for letting us all know where the valuable data is! |
|||||
| Ransomware | ARM id30516 View details | United Kingdom | IT | — | |
|
Arm.com is a leading technology company based in the United Kingdom, operating in the IT sector. The company designs and licenses intellectual property, including microprocessor architectures and related technologies. Arm.com was listed as a ransomware victim associated with D1R |
|||||
| Ransomware | ARM id30516 View details | United Kingdom | IT | — | |
|
Thanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-referenced and thoroughly analyzed One of the leaked companies gave our team access to ARM center Severely incapacitated by 2FA email/sms-code required by ARM on every step, we were still able to download an interesting tool: Athena Download Manager That requires an SSL certificate of a company that owns ARM products, and downloading by means of Athena allows to bypass multiple 2FA checks that are required when downloading same files from www.arm.com This is now free for download to any reverse engineer on Earth and beyond, thanks to Synopsys company data negligence: |
|||||
| Ransomware | Synopsys id30517 View details | United States | IT | — | |
|
Synopsys.Com is a leading American technology company operating in the IT sector, providing software and services to various industries. The company is headquartered in the United States and offers a range of products and solutions, including software security and quality solutions. Synopsys.Com was listed as a ransomware victim associated with D1R |
|||||
| Ransomware | Synopsys id30517 View details | United States | IT | — | |
|
Data, Leak |
|||||