eraleign (apt73)

ACTIVE

ransomware group

Rebranded to Bashe in October 2024.

Eraleign, self-styled as APT73 and formerly known as Bashe, surfaced in April 2024. Rather than conducting real ransomware campaigns, the group specializes in fabricating data breach narratives: it curates or reuses existing leaked data (often from years-old breaches) and presents it on a Tor-hosted leak site to project credibility. The group claims to have breached organizations across sectors such as banking, travel, manufacturing, and IT, targeting entities in countries including the United Kingdom, India, Indonesia, France, and Canada. However, threat analysis shows these claims are deceptive in nature rather than demonstrative of technical prowess or active network compromise.

Victims: 6

First Seen: Jun 22, 2024

Last Active: Apr 13, 2026

Infrastructure
