Live Latest activity →
M3

m3rx

Known ransomware group
Established actor

M3rx is a small ransomware group first observed in 2025, using AES-CTR/AES-GCM encryption and targeting organizations in England, the US, Australia, Germany, Italy, and Switzerland, with around eight claimed victims including a Sydney-based property firm.

7

Total Claims

0

Critical

Records Claimed

4

Industries Hit

Active span: May 3, 2026 – May 6, 2026 · 7 organizations targeted

Established actor
Activity 5.6 Severity 4.6 Sectors 5.4 Tooling 0.0

Actor Threat Profile

Activity Timeline

Peak: May 2026 (7)
May 2026
LessMore
May 2026

Share this profile

Shareable intel card for m3rx

Top Targeted Industries

Consumer Services 2
Technology 2
Business Services 1
Transportation/Logistics 1

Tradecraft & Infrastructure

0

Documented tools

0 / 0

MITRE tactics / techniques

2

Known leak sites

Full intelligence profile on ransomware.live →

Targeted Organizations

kbtoys.com.aupvdd.caalge-stop.dkdatasavior.comemtco.comit-freitag.demanateeair.com

Claims by m3rx

High
140 GB leaked

Ransomware Claim: kbtoys.com.au

kbtoys.com.au
m3rx
Ransomware Consumer Services
May 7, 2026
High
148 GB leaked

Ransomware Claim: pvdd.ca

pvdd.ca
m3rx
Ransomware
May 7, 2026
Low
73 GB leaked

Ransomware Claim: alge-stop.dk

alge-stop.dk
m3rx
Ransomware Consumer Services
May 7, 2026
Low
540 MB leaked

Ransomware Claim: datasavior.com

datasavior.com
m3rx
Ransomware Technology
May 7, 2026
High
180 GB leaked

Ransomware Claim: emtco.com

emtco.com
m3rx
Ransomware Business Services
May 3, 2026
Low

Ransomware Claim: it-freitag.de

it-freitag.de
m3rx
Ransomware Technology
May 3, 2026
Low

Ransomware Claim: manateeair.com

manateeair.com
m3rx
Ransomware Transportation/Logistics
May 3, 2026

Never Miss a Critical Alert

CVE advisories, breach reports, and threat intel — delivered daily to your inbox.