Bravox

Ransomware Group Profile

Overview

BravoX is a selective ransomware-as-a-service operation that surfaced publicly in January 2026 after advertising on the RAMP underground forum, targeting primarily US-based organizations in healthcare and retail while applying strict affiliate vetting requirements including proof of access or a financial deposit.

Dark Web Infrastructure (2)
bravoxxtrmqeeevhl7gdh2yzvlrjxajr66d33c7ozosrccx4cz7cepad.onion
bravoxxwcfz5qk43ychgveprpd5mw5hvxfs4a2uz2okx7mumiht4fzyd.onion
Activity Timeline
First Seen2026
Last Seen2026
Leak Sites2
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001