Datacarry
Parsing : Enabled
Description
DataCarry is a newly observed ransomware and data-extortion operation, first seen in May 2025. It operates a double-extortion model, exfiltrating data and threatening publication via a Tor-hosted portal. The group has already claimed multiple victims across diverse sectors including insurance, healthcare, real estate, retail, and aerospace in countries such as Latvia, Belgium, Türkiye, South Africa, Switzerland, Denmark, and the United Kingdom. The rapid emergence and multi-country reach signal a well-organized operation.
| External Analysis |
| https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/datacarry |
| https://asec.ahnlab.com/en/88240/ |
| https://www.bitdefender.com/blog/businessinsights/bitdefender-threat-debrief-june-2025 |
| Urls |
Screen |
| http://dcarryhaih5oldidg3tbqwnde4lxljytnpvberrwgj2vlvunopd46dad.onion/ |
Screen |
Posts
| Date |
Title |
Description |
Screen |
| 2025-09-13 |
Miljödata (1 day left)🇸🇪 |
|
|
| 2025-08-15 |
Peggy Sage🇫🇷 |
|
|
| 2025-06-12 |
Món Sant Benet🇪🇸 |
|
|
| 2025-06-05 |
V² Development🇬🇷 |
|
|
| 2025-05-29 |
Alliance Healthcare IT🇮🇹 |
|
|
| 2025-05-27 |
La Maison Liégeoise🇧🇪 |
|
|
| 2025-05-27 |
Executive Jet Support🇬🇧 |
|
|
| 2025-05-27 |
alles Lægehus🇩🇰 |
|
|
| 2025-05-27 |
Mammut Sports Group🇨🇭 |
|
|
| 2025-05-27 |
FrontierCo🇿🇦 |
|
|
| 2025-05-27 |
Étude Bordet🇧🇪 |
|
|
| 2025-05-27 |
ALB Forex🇹🇷 |
|
|
| 2025-05-27 |
Balcia Insurance🇱🇻 |
|
|