A new cybercrime group, 0APT, has claimed to breach hundreds of major companies, but security experts now suggest these claims are likely a bluff. Researchers at GuidePoint’s Research and Intelligence Team (GRIT) have stated that the group is employing a strategy of using fake names and real companies to deceive businesses into paying ransoms for data that was never actually stolen. GRIT has found no evidence to support 0APT's claims of victimization, describing the provided lists as wholly fabricated generic company names and recognizable organizations, according to a recent report by HackRead.0APT emerged on January 28, 2026, and immediately claimed over 200 victims within a week, a pace that raised immediate suspicion among experts due to its unprecedented speed. The group's website, initially resembling a data leak site, went offline on February 8 after reports surfaced questioning the validity of their victim numbers. It reappeared the following day with a reduced list of 15 international organizations. Researchers discovered that the group's "leaks" involved piping random data into browsers to simulate large file downloads, creating the illusion of stolen data. The interface of 0APT's leak site also bears a striking resemblance to one previously used by ShinyHunters.The group appears to be attempting to re-extort companies by using old data stolen by other threat actors or by fabricating data entirely, a tactic seen with groups like RansomedVC and FunkSec. Additionally, 0APT may be targeting fellow criminals by demanding a Bitcoin security bond for participation, a known scam employed by groups like Mogilevich, which defrauded cybercriminals out of at least $85,000. Security experts advise companies not to panic based solely on inclusion in such lists, emphasizing that without a ransom note or evidence of locked files, the claims are probably false.Source: HackRead
Security Operations, Ransomware, Threat Intelligence
0APT cybercrime group accused of faking company breaches

(Adobe Stock Images)
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



