bavacai
Ransomware group profile
26Victims
Description
No description available for this group.
Threat Level & Status Breakdown
For bavacai · Based on incidents in selected period
2.9threat level
Aggressiveness6/ 10
Lethality0/ 10
Criticality2.6/ 10
Status Breakdown
Claimed100.0%26
First seenNov 2025
Last seenJun 2026
Avg ransom—
Payment rate—
Recent activity
Monthly attack count for bavacai in the selected period
26Total attacks
23peak in May
8.7avg / month
↑ 1 vs first month
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for bavacai
Collection
T1005
Data from Local System
Defense Evasion
T1562
Impair Defenses
T1036
Masquerading
Execution
T1059
Command and Scripting Interpreter
T1105
Ingress Tool Transfer
Impact
T1486
Data Encrypted for Impact
T1490
Inhibit System Recovery
Lateral Movement
T1021
Remote Services
T1021.001
Remote Desktop Protocol
Other
T1203
T1203
Persistence
T1078
Valid Accounts
T1547
Boot or Logon Autostart Execution
Victims(26)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Bd | — | CH Switzerland | — | Claimed | 6 days ago | |
| Dolrad | — | — | — | Claimed | 18 days ago | |
| Mairie Thiverval Grignon | — | FR France | Government & Defense | Claimed | 24 days ago | |
| Dadolighting | — | — | Manufacturing | Claimed | 27 days ago | |
| T Online | — | — | — | Claimed | 27 days ago | |
| FunkeScheid | — | — | — | Claimed | 27 days ago | |
| Sgs Gmbh | — | — | Other | Claimed | 30 days ago | |
| Karneslegal | — | US United States | Professional Services | Claimed | about 1 month ago | |
| Estrela | — | IN India | Technology | Claimed | about 1 month ago | |
| Estrela Industrial | — | BR Brazil | Manufacturing | Claimed | about 1 month ago | |
| Elken Sdn Bhd | — | MY Malaysia | Healthcare | Claimed | about 2 months ago | |
| Bandeirante Supermercados | — | BR Brazil | Retail & E-Commerce | Claimed | about 2 months ago | |
| Strategic Imports | — | AU Australia | Manufacturing | Claimed | about 2 months ago | |
| Magnolia (Israel) | — | IL Israel | Retail & E-Commerce | Claimed | about 2 months ago | |
| Atencio Engineering | — | US United States | Other | Claimed | about 2 months ago | |
| SIT Group / Robusta | — | BG Bulgaria | Professional Services | Claimed | about 2 months ago | |
| Desert Christian Schools (DCS) | — | US United States | Education | Claimed | about 2 months ago | |
| CourtSmart | — | US United States | Government & Defense | Claimed | about 2 months ago | |
| Hathcock (Personal) | — | — | — | Claimed | about 2 months ago | |
| ActionAid / TACOSA | — | TZ Tanzania | Government & Defense | Claimed | about 2 months ago |
Page 1 of 2
Affected countries(11)
Countries where this group has been reported to target or leak victims.