Summary
On July 16, 2025, the ransomware group Crypto24 claimed responsibility for an attack targeting Larimart S.P.A (larimart.it), an Italian company specializing in advanced technologies. According to the threat actor’s post, they have secured 2TB of sensitive data, including NATO-linked armor specifications and ballistic protection designs, and intend to release it unless negotiations are initiated.
Incident Report
| Field | Details |
|---|---|
| Target | Larimart S.P.A |
| Domain | larimart.it |
| Country | Italy |
| Attacking Group | Crypto24 |
| Date Reported | July 16, 2025 |
| Threat Actor Statement | “We have secured 2TB of confidential data and will release it unless contacted.” |
About Larimart S.P.A
Larimart S.P.A is a leading Italian company in the technologies sector, providing critical solutions and innovations for military and civilian applications. Their expertise in advanced technologies makes them a significant player in the industry.
About Crypto24
The Crypto24 group is known for targeting high-profile organizations with ransomware attacks, aiming to extract valuable data for financial gain. Their operations often involve compromising sensitive information and threatening public disclosure.
Proactive Response to Ransomware Threats
Organizations must stay vigilant against ransomware threats by implementing robust cyber defenses and conducting regular risk assessments. Dark web monitoring plays a crucial role in identifying potential threats and data breaches early, allowing for timely intervention. To protect your company, utilize tools like the email breach checker at https://mspdarkintel.com/domain-breach-scan to monitor and safeguard your digital assets.
Recommendations
- Monitor your domains and email addresses for exposure using reputable threat intelligence tools.
- Conduct a full compromise assessment and incident response drill internally.
- Verify backups and ensure they are offline and ransomware-resistant.
- Educate staff on phishing, social engineering, and lateral movement techniques used by groups like Qilin.
- Engage with cyber forensics and legal counsel before initiating contact with threat actors.
Check Your Exposure
Wondering if your organization or employees are impacted by recent breach activity?
-
Check domain-wide breach exposure:
mspdarkintel.com/domain-breach-scan -
Check if an email was breached:
mspdarkintel.com/email-breach-scan
Disclaimer
The MSPDarkIntel team does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information.
All breach data reported here is sourced from publicly available threat intelligence feeds for awareness and early-warning purposes only.
Our goal is to inform organizations of emerging threats so they can take timely defensive action.
Table of Contents
