Argonauts Group

INACTIVE

ransomware group

Argonauts Group is a data extortion operation that surfaced around September–October 2024, primarily targeting organizations in Italy, as well as entities in Taiwan, Japan, Canada, and the U.S. It does not appear to use conventional file-encryption ransomware; instead, it steals data and operates a dedicated data leak site (DLS) to pressure victims into paying. Victims span sectors such as technology, manufacturing, transportation/logistics, and healthcare. The group has claimed to have stolen substantial volumes of sensitive information, for example 200 GB from Ivy Life Sciences (Taiwan) and 140 GB from Japan's Zacros, and has publicly disclosed some samples on its leak site. Although some references imply prior activity going back to October 2021, these appear to be less reliable and are not substantiated by authoritative intelligence. As of now, there is no clear evidence of traditional ransomware encryption, ransom notes, or RaaS infrastructure.

Victims

0

First Seen

Mar 27, 2025

Last Active

Apr 13, 2026

Victims (0)

No victims recorded

Infrastructure

leak site
OFFLINE
http://jbmk7h6xlkedn2gg5yi76zca6y3jgdlp5wchlsrd7735tlnrmmvqe5ad.onion/

1939ms

1h ago

leak site
OFFLINE
http://4xi5jklauqmjfkwxhs2a6q2d26v2465zfnccacqpz75exv2kzu5aeiad.onion:18080/chat/startchat

3281ms

1h ago