All ransomware incidents
Ransomware group D1R hits ARM
ARM — a technology target operating in GB has been listed by the D1R ransomware group on 2026-07-13. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | ARM |
|---|---|
| Threat Group | D1R |
| Summary | Thanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-referenced and thoroughly analyzed One of the leaked companies gave our team access to ARM center Severely incapacitated by 2FA email/sms-code required by ARM on every step, we were still able to download an interesting tool: Athena Download Manager That requires an SSL certificate of a company that owns ARM products, and downloading by means of Athena allows to bypass multiple 2FA checks that are required when downloading same files from www.arm.com This is now free for download to any reverse engineer on Earth and beyond, thanks to Synopsys company data negligence: |
| Date of Breach | 2026-07-13 |
| Discovery Date | 2026-07-13 |
| Region | GB |
| Target Domain | arm.com |
| Business Sector | Technology |
| Severity | MEDIUM |
Claim by D1R
Thanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-referenced and thoroughly analyzed One of the leaked companies gave our team access to ARM center Severely incapacitated by 2FA email/sms-code required by ARM on every step, we were still able to download an interesting tool: Athena Download Manager That requires an SSL certificate of a company that owns ARM products, and downloading by means of Athena allows to bypass multiple 2FA checks that are required when downloading same files from www.arm.com This is now free for download to any reverse engineer on Earth and beyond, thanks to Synopsys company data negligence:
Posted by the D1R threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

