ShadowByt3$ is a ransomware-as-a-service group first observed in October 2025, using multi-method extortion and communicating via Telegram and Tox, with a very small confirmed victim list suggesting it remains in early-stage operation.
12
Victims
Feb 17, 2026
First Discovered
Jun 16, 2026
Last Discovered
2
Days Inactive
22.2%
Infostealer
2/4
Sites Online
Victims (12)
TINYpulse NINTENDO BREACH (nintendo.com)
JP
Technology
Discovered: Jun 16, 2026 · Attack est.: Jun 16, 2026
This will be quick. You don't even want to read the private messages as some will be embarrasing. Some people are confused but this breach doesn't affect you unless if...
Nintendo Company (Nintendo.com)
JP
Technology
Discovered: Jun 12, 2026 · Attack est.: Jun 12, 2026
proof: https://mega.nz/folder/3kBzQKgR#rIhDePsPMeFpfEGTPopDVQ We are ShadowByt3$ a extortion as a service group. We stole close enough to 1gb. You have 48 hours to contact us nintendo or all data gets leaked....
Lead Company (Leadership Boulevard)
Business Services
Discovered: Jun 2, 2026 · Attack est.: Jun 2, 2026
Company Site: leadschool.in size: 765.9MB This is will be quick. The following schools are affected: The specific schools explicitly named in the exfiltrated folders include: - Arya Vidyapith - Aakarsh...
Cropwise (Syngenta Group)
CH
Agriculture and Food Production
Discovered: Jun 2, 2026 · Attack est.: Jun 2, 2026
We have breached you and gained access to the following portals: https://operations.cropwise.com/d/users/sign_in https://accounts.cropwise.com/signin proof: https://mega.nz/folder/25hkSLgY#ELjJaFie-TfES9Z_47KFZA company url: https://operations.cropwise.com/ We are ShadowByt3$ a Extortion as a service group. You have been...
Hotelogix Company (Hotelogix.com)
IN
Hospitality and Tourism
Discovered: May 21, 2026 · Attack est.: May 21, 2026
Should've not messed with us Hotelogix. We gave you guys numerous times to reach back and proceed with payment but you decided to fuck around and you found out. Any...
Stride Learning
US
Education
Discovered: May 14, 2026 · Attack est.: May 14, 2026
Stride Learning Should've Paid the ransom. We were only asking $500,000 in bitcoin or monero it's not that hard. This is a warning to all companies that if you don't...
Amplify Technology
GB
Technology
Discovered: May 14, 2026 · Attack est.: May 14, 2026
Amplify technology has been a victim of an attack. There project they were working on with the pakistan and other countries got stolen. We stole 1.69Gb of data. for all...
University Of Georgia
US
Education
Discovered: May 14, 2026 · Attack est.: May 14, 2026
ShadowByt3$ has breached University of Georgia. The full data is on are leak site. We stole approximately 3.2 MB in raw text files. No customers were affected just exployees the...
Hotelogix
SG
Hospitality and Tourism
Discovered: May 14, 2026 · Attack est.: May 14, 2026
We are ShadowByt3$. We have claimed responsibility for hacking Hotelogix. They have been breached through there amazon s3 buckets and azure blobs. They were misconfigured which allowed us to scrape...
PowerCampus
IN
Education
Discovered: May 14, 2026 · Attack est.: May 13, 2026
Cloud-based school management and collaboration platform targeting educational institutes in India, covering online fee payments, exam management, online admissions, teacher-parent communication, and e-learning continuity.
StarBucks Company (StarBucks.com
US
Hospitality and Tourism
Discovered: May 21, 2026 · Attack est.: Mar 31, 2026
StarBucks Failed to reach out to us and didn't pay even $500,000 when we know they can afford it. It's not even that much we were asking for. Since you...
UMSA
Discovered: Feb 25, 2026 · Attack est.: Feb 17, 2026
File: UMSA_LEAK.7z