Arvinclub
Parsing : Enabled
Description
Arvin Club first appeared around early to mid-2021, debuting on its Tor leak site with posts dating back to May 5, 2021. Although the group is frequently characterized as ransomware, there is no verified evidence of file encryption or RaaS operations; its behavior aligns more closely with data-leak and hacktivist activity. The group actively publishes stolen data via its Onion site and maintains a prominent presence on Telegram, operating both official channels and group chats (notably with Persian-language content). Known targets include India's Kendriya Vidyalaya school network, among others. Arvin Club has shown ideological leanings (notably support for REvil) and claims to have “hacktivist” motivations, including activities against the Iranian regime. No encryption algorithms, file extensions, or ransom notes have been publicly documented.
External Analysis
https://cloudsek.com/ar/threatintelligence/ransomware-group-profile-arvin-club
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/arvin-club
Telegram
http://t.me/arvin_club
Urls
http://3kp6j22pz3zkv76yutctosa6djpj4yib2icvdqxucdaxxedumhqicpad.onion/
http://arvinc7prj6ln5wpd6yydfqulsyepoc7aowngpznbn3lrap2aib6teid.onion/
Posts
Date | Title | Description |
2023-10-15 | Islamic Azad University Electronic Campus | https://ec.iau.ir |
2023-10-14 | Jahesh Innovation | https://jahesh.co |
2023-10-14 | Kimia Tadbir Kiyan | https://ktkco.ir |
2023-10-08 | Islamic Azad University of Shiraz | https://shiraz.iau.ir |
2023-10-02 | Pasouk biological company | https://pasouk.ir |
2023-10-01 | Shirin Travel Agency | http://anonissfireenterfdks2u53jqevumbu6hjm35ioorsa7eq5bsjlucad.onion/do.php?filename=bd413d1583d4b7dc9901121.rar |
2023-09-02 | Aban Tether & OK exchange | https://abantether.com https://ok-ex.io |
2023-08-23 | sti company | https://sticompany.co |
2023-08-19 | Bitimen | https://bitimen.com |
2023-08-19 | AFTA Isfahan | https://ito.gov.ir/fa/afta |
2023-08-19 | hamyari Shahrdari golestan | http://hamyarigolestan.ir |
2023-08-19 | Haraz dairy | http://doosheh.com |
2023-08-19 | 150k sib360 Database | https://sib360.com |
2023-08-19 | Padena Factory | https://padenacc.ir |
2023-08-19 | seaside-kish co | https://www.sendspace.com/file/0oiz9f |
2023-08-19 | Draje food industrial group | https://draje.ir |
2023-08-19 | Parsian Bitumen | https://www.parsianbitumen.com |
2023-08-19 | Sabalan Azmayesh | https://www.sabalanmedical.ir |
2023-07-13 | Bitimen exchange | Bitimen |
2022-04-21 | Al Bijjar | |
2022-04-20 | AM International | |
2022-03-20 | stormous | |
2022-03-12 | bedfordshire.police.uk | |
2022-01-31 | elitemate.com | |
2021-11-28 | afcx.co | |
2021-10-24 | vidisha.kvs.ac.in | |
2021-10-22 | Revil | |
2021-09-20 | Bureau van Dijk(bvdinfo.com) | |
2021-09-10 | Compilation of Many Breaches (COMB) | |
2021-09-09 | USA 280M | |
2021-09-09 | CardPayPortal | |
2021-09-09 | 33M Bank Mellat – Iran | |
2021-09-09 | Etoudplus.ir | |
2021-09-09 | Beh Pardakht Mellat Cards | |
2021-09-09 | RockYou2021 | |
2021-09-09 | UtAir | |
2021-09-09 | Leiden University Hacked | |
2021-09-09 | For Press | |
2021-09-09 | T-Mobile | |