RANSOMWARE OPERATION💰 FINANCIAL
aware
1
aliases
Intelligence Profile
Aware is a recently emerged ransomware group that operates a Tor-based data leak site with very limited public documentation and no publicly catalogued victims, tools, or TTPs in major threat intelligence databases.
Threat Analysis
aware is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like aware prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Intelligence Reports Mentioning aware
2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience
The Hacker News· Jul 1, 2026
Schneider Electric EcoStruxure IT Data Center Expert
CISA Alerts· Jun 30, 2026
Schneider Electric PowerLogic P7
CISA Alerts· Jun 25, 2026
Indian auto giant Bajaj Auto hit by ransomware incident
The Record· Jun 24, 2026
Impact of Linux Kernel vulnerabilities on B&R products
CISA Alerts· Jun 23, 2026
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products
CISA Alerts· Jun 18, 2026
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
CISA Alerts· Jun 18, 2026
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
The Hacker News· Jun 17, 2026
External References
Quick Facts
TypeRansomware Operation
Motivation💰 financial
Aliases1
Also Known As
aware
DLS Infrastructure
○ OFFLINEui2uleaiisccbtcooyi34cy5u3plpd5wraiza6wtibolshuf7tnzziid.onion
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.