All ransomware groups
osiris
2 tracked victims
·first seen 2025-12-10·last activity 2026-01-09Group profile
Osiris is a ransomware-as-a-service operation first observed in November 2025 that uses a Bring Your Own Vulnerable Driver (BYOVD) technique to disable endpoint detection tools before deploying hybrid ECC + AES-128-CTR encryption; Symantec researchers linked its operators to former INC ransomware affiliates.
Recent victims
| Date | Website / victim | Sector | Country |
|---|---|---|---|
| 2026-01-09 |  American Vanguardamerican-vanguard.com | Manufacturing | US |
| 2025-12-10 |  The Araneta Grouparanetacity.com | Hospitality and Tourism | PH |