blackshrantac
Intelligence Profile
BlackShrantac is a ransomware group that emerged in late 2025, targeting organizations in manufacturing, financial services, technology, and the public sector globally, employing double-extortion combined with living-off-the-land techniques to weaponize legitimate tools and disable defenses before encrypting files.
Threat Analysis
blackshrantac is a ransomware operation that deploys encryption-based extortion against organizations globally. This group maintains a data leak site (DLS) to pressure victims into paying ransom demands.
Financially motivated threat actors like blackshrantac prioritize monetary gain through methods such as ransomware deployment, banking trojans, cryptocurrency theft, BEC scams, or credential harvesting for resale on underground markets.
Ransomware Victims (46)
CTIWATCH tracks 46 organizations claimed as victims by blackshrantac on its data leak site, with attack dates, sectors and countries.
View full victims list →