HackerFeeds
All ransomware incidents
arm.com

Ransomware group D1R hits ARM

MEDIUM
·Technology·GB·2026-07-13

ARM — a technology target operating in GB has been listed by the D1R ransomware group on 2026-07-13. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationARM
Threat Group
D1R
SummaryThanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-referenced and thoroughly analyzed One of the leaked companies gave our team access to ARM center Severely incapacitated by 2FA email/sms-code required by ARM on every step, we were still able to download an interesting tool: Athena Download Manager That requires an SSL certificate of a company that owns ARM products, and downloading by means of Athena allows to bypass multiple 2FA checks that are required when downloading same files from www.arm.com This is now free for download to any reverse engineer on Earth and beyond, thanks to Synopsys company data negligence:
Date of Breach2026-07-13
Discovery Date2026-07-13
RegionGB
Target Domainarm.com
Business SectorTechnology
Severity
MEDIUM

Claim by D1R

Thanks to leaked database by Synopsys, a roadmap was provided Many other group leaks were cross-referenced and thoroughly analyzed One of the leaked companies gave our team access to ARM center Severely incapacitated by 2FA email/sms-code required by ARM on every step, we were still able to download an interesting tool: Athena Download Manager That requires an SSL certificate of a company that owns ARM products, and downloading by means of Athena allows to bypass multiple 2FA checks that are required when downloading same files from www.arm.com This is now free for download to any reverse engineer on Earth and beyond, thanks to Synopsys company data negligence:

Posted by the D1R threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.