Wallstreet — Ransomware Profile
Wallstreet is a data-leak extortion site that first appeared on ransomware-tracking platforms in late June 2026, operating a Tor-based leak site and listing a Tox ID for victim contact. Its debut post, Indian manufacturer Omax Autos, reposted a victim originally claimed by LockBit in March 2026 and re-listed by the LeakBazaar site in May 2026, and trackers flag the entry as a potential duplicate. No encryptor, ransom note, or intrusion tooling has been attributed to Wallstreet, and its two other posts, both from July 2026, are unverified by any independent reporting. The group's only verifiable claim to date recycles an intrusion previously claimed by another operation, and no original intrusions have been confirmed.
Read the full analysis on IntelFusions