← Back to Ransomware Chk
ShadowByt3$
Inactive
ShadowByt3$ is a ransomware-as-a-service group first observed in October 2025, using multi-method extortion and communicating via Telegram and Tox, with a very small confirmed victim list suggesting it remains in early-stage operation.
1
Victims
Feb 25, 2026
First Discovered
Feb 25, 2026
Last Discovered
67
Days Inactive
0%
Infostealer
0/2
Sites Online
Known Locations (2)
Leaks
mfbbt65kir2drc7tuoukwibikgvxquauscnzgbeltkmidjtgqlzm2qad.onion
ShadowByt3$
shadowbyt3s.8bit.ca
Victims (1)
UMSA
Discovered: Feb 25, 2026 · Attack est.: Feb 17, 2026
File: UMSA_LEAK.7z