THREAT OPS › Threat News › [dragonforce] SITAV SpA posted to leak site
[dragonforce] SITAV SpA posted to leak site
Ransomware group: dragonforce Victim: SITAV SpA Victim website: sitav.eu Sector: Manufacturing Country: IT Discovered: 2026-07-14T13:54:31.609674+00:00 Leak-site post: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=639ab14a-fdcd-4e32-be98-d16c626fbebe Description: SITAV specializes in the construction, maintenance, revision, and restoration of trains and rail
Indicators of compromise
- sitav.eudomain
- http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=639ab14a-fdcd-4e32-be98-d16c626fbebeurl