Ransomware - Unsafe

Unsafe
Aliases
UnsafeBlog
UnsafeLeaks
Unsafe Security Blog
Decryptor Available
No
Description

Unsafe, UnsafeLeaks, or Unsafe (Security) Blog, is not a ransomware group. You won't find details about encryption types, ransom notes, file extensions, or any samples. Instead, Unsafe is a data broker group that acts as a middleman between those seeking to buy data and ransomware groups who stole the data in the first place. Thus, the victims below could be found in other ransomware group's victim lists. According to JUMPSEC, this group is believed to have used data stolen from REvil and ALPHV (BlackCat). Furthermore, the individual(s) behind this operation use unorthodox blackmailing attempts, such as displaying explicit photos of organization employees. As middlemen, they negotiate the sale of the data for an unknown fee, which is how they make their money.

Ransomware Type
Data Broker
First Seen
Extortion Types
Blackmail
Double Extortion
Free Data Leaks
Communication
Médio
Identificador
Tox
Tox
Crypto Wallets
Blockchain Type
Crypto Wallet
BTC
bc1ql0fd3jl2jjxl5wv6gjf3ptcxaan2xmppxzvqvg
ETH
0x669a17663Ef727438aC9Fb850Ea70A222163FcFf
Industry Sector País Extortion Date Amount (USD)
EnergyUnited States
EducationUnited States
TransportationAustria
ManufacturingUnited States
Aerospace & AviationSwitzerland
AutomotiveFrance
HospitalityKuwait
HospitalityOman
GovernmentUnited States
Food & BeverageUnited States
LegalUnited States
UtilitiesUnited States
EducationUnited States
References & Publications