A brand new cybercrime group calling itself 0APT has claimed to have breached a whole lot of main corporations, however safety specialists now say the entire thing is probably going a mere bluff.<\/p>\n
In line with researchers at GuidePoint\u2019s Analysis and Intelligence Group (GRIT), the group is utilizing a mixture of faux names and actual corporations to trick companies into paying ransoms for knowledge that was by no means truly stolen. <\/p>\n
Researchers additionally state that they’ve seen no proof that any of those victims have been truly hacked, describing the lists as \u201cwholly fabricated generic firm names and recognisable organisations.\u201d<\/p>\n
A \u201cStaggering\u201d Variety of Faked Victims<\/strong><\/h3>\nMost new hacking teams, as we all know them, begin small. Nevertheless, 0APT appeared on 28 January 2026 and instantly claimed over 200 victims in only one week. This \u201cstaggering\u201d velocity, GRIT famous, induced speedy suspicion amongst specialists.<\/p>\n
The group\u2019s web site, which seemed like a typical website for leaking stolen knowledge<\/a>, immediately went offline on 8 February after experiences surfaced that their numbers didn\u2019t add up. It reappeared the subsequent day, however with the record slashed to simply 15 massive worldwide organisations. The staff additionally discovered that for a few of these \u201cvictims,\u201d there had been no break-in in any respect.<\/p>\nCuriously, the group\u2019s leak website interface intently resembles one beforehand utilized by ShinyHunters and an related group, the place databases from corporations similar to SoundCloud, Crunchbase, and Betterment have been leaked final month<\/a>.<\/p>\n\n![\"\"](\"https:\/\/hackread.com\/wp-content\/uploads\/2026\/02\/New-0APT-Group-Fabricating-Victim-Lists.png\")
<\/a>0APT\u2019s knowledge leak website<\/figcaption><\/figure>\n<\/div>\nAdditional analysis resulted within the staff discovering a easy however efficient trick behind the group\u2019s \u201cleaks.\u201d They famous that \u201cthe group\u2019s servers are doubtless piping a stream of \/dev\/random<\/code> straight into the person\u2019s browser.\u201d Principally, they’re sending ineffective digital \u201cnoise\u201d to a person\u2019s laptop to make it appear like a large, 20GB encrypted file is being downloaded.<\/p>\nScamming Each Corporations and Criminals<\/strong><\/h3>\nEven with out a actual hack, 0APT remains to be in search of a payday. As per GuidePoint\u2019s weblog publish<\/a>, shared completely with Hackread.com, the group is perhaps attempting to \u201cre-extort\u201d corporations utilizing previous knowledge stolen by different teams years in the past.<\/p>\nResearchers famous that 0APT is following a sample set by different \u201cfabulist\u201d or fake teams. For instance, a gaggle known as RansomedVC<\/a> was identified to purchase previous stolen knowledge and even \u201ccreate fictitious knowledge to deceive certainly one of their victims\u201d again in 2023. One other group, FunkSec, used easy instruments to construct faux credibility for their very own boards and public sale websites.<\/p>\n
Curiously, the group\u2019s leak website interface intently resembles one beforehand utilized by ShinyHunters and an related group, the place databases from corporations similar to SoundCloud, Crunchbase, and Betterment have been leaked final month<\/a>.<\/p>\n Additional analysis resulted within the staff discovering a easy however efficient trick behind the group\u2019s \u201cleaks.\u201d They famous that \u201cthe group\u2019s servers are doubtless piping a stream of Even with out a actual hack, 0APT remains to be in search of a payday. As per GuidePoint\u2019s weblog publish<\/a>, shared completely with Hackread.com, the group is perhaps attempting to \u201cre-extort\u201d corporations utilizing previous knowledge stolen by different teams years in the past.<\/p>\n Researchers famous that 0APT is following a sample set by different \u201cfabulist\u201d or fake teams. For instance, a gaggle known as RansomedVC<\/a> was identified to purchase previous stolen knowledge and even \u201ccreate fictitious knowledge to deceive certainly one of their victims\u201d again in 2023. One other group, FunkSec, used easy instruments to construct faux credibility for their very own boards and public sale websites.<\/p>\n<\/a>\/dev\/random<\/code> straight into the person\u2019s browser.\u201d Principally, they’re sending ineffective digital \u201cnoise\u201d to a person\u2019s laptop to make it appear like a large, 20GB encrypted file is being downloaded.<\/p>\nScamming Each Corporations and Criminals<\/strong><\/h3>\n
![\"\"](\"https:\/\/hackread.com\/wp-content\/uploads\/2026\/02\/New-0APT-Group-Fabricating-Victim-Lists-1.png\")
<\/a>