Arvinclub

Compare

Parsing: enabled

Description

Arvin Club first appeared around early to mid-2021, debuting on its Tor leak site with posts dating back to May 5, 2021. While frequently characterized as ransomware, there is no verified evidence of file encryption or RaaS operations—its behavior aligns more closely with data-leak and hacktivist activity. The group actively publishes stolen data via its Onion site and maintains a prominent presence on Telegram, operating both official channels and group chats (notably with Persian-language content). A known target includes India's Kendriya Vidyalaya school network among others. Arvin Club has shown ideological leanings (notably support for REvil) and claims to have “hacktivist” motivations, including activities against the Iranian regime. No encryption algorithms, file extensions, or ransom notes have been publicly documented.

External Analysis2

External Analysis
https://cloudsek.com/ar/threatintelligence/ransomware-group-profile-arvin-club
https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/arvin-club

Telegram1

Telegram
http://t.me/arvin_club

Urls2

Url	Status	Screen	Uptime 30d	Health
http://3kp6j22pz3zkv76yutctosa6djpj4yib2icvdqxucdaxxedumhqicpad.onion/	Down		0%
http://arvinc7prj6ln5wpd6yydfqulsyepoc7aowngpznbn3lrap2aib6teid.onion/	Down		0%

Activity (interactive) 39

Posts39

Date	Title	Description
2023-10-15	Islamic Azad University Electronic Campus	https://ec.iau.ir
2023-10-14	Jahesh Innovation	https://jahesh.co
2023-10-14	Kimia Tadbir Kiyan	https://ktkco.ir
2023-10-08	Islamic Azad University of Shiraz	https://shiraz.iau.ir
2023-10-02	Pasouk biological company	https://pasouk.ir
2023-10-01	Shirin Travel Agency	http://anonissfireenterfdks2u53jqevumbu6hjm35ioorsa7eq5bsjlucad.onion/do.php?filename=bd413d1583d4b7dc9901121.rar
2023-09-02	Aban Tether & OK exchange	https://abantether.com https://ok-ex.io
2023-08-23	sti company	https://sticompany.co
2023-08-19	Bitimen	https://bitimen.com
2023-08-19	AFTA Isfahan	https://ito.gov.ir/fa/afta
2023-08-19	hamyari Shahrdari golestan	http://hamyarigolestan.ir
2023-08-19	Haraz dairy	http://doosheh.com
2023-08-19	150k sib360 Database	https://sib360.com
2023-08-19	Padena Factory	https://padenacc.ir
2023-08-19	seaside-kish co	https://www.sendspace.com/file/0oiz9f
2023-08-19	Draje food industrial group	https://draje.ir
2023-08-19	Parsian Bitumen	https://www.parsianbitumen.com
2023-08-19	Sabalan Azmayesh	https://www.sabalanmedical.ir
2023-07-13	Bitimen exchange	Bitimen
2022-04-21	Al Bijjar
2022-04-20	AM International
2022-03-20	stormous
2022-03-12	bedfordshire.police.uk
2022-01-31	elitemate.com
2021-11-28	afcx.co
2021-10-24	vidisha.kvs.ac.in
2021-10-22	Revil
2021-09-20	Bureau van Dijk(bvdinfo.com)
2021-09-10	Compilation of Many Breaches (COMB)
2021-09-09	USA 280M
2021-09-09	CardPayPortal
2021-09-09	33M Bank Mellat – Iran
2021-09-09	Etoudplus.ir
2021-09-09	Beh Pardakht Mellat Cards
2021-09-09	RockYou2021
2021-09-09	UtAir
2021-09-09	Leiden University Hacked
2021-09-09	For Press
2021-09-09	T-Mobile