Netstar Australia Hit by Black Shrantac Ransomware Group in First Australian Attack Melbourne-based technology firm Netstar Australia, a provider of tailored GPS fleet tracking and telematics solutions, has been targeted by the Black Shrantac ransomware group, which claims to have breached its network and exfiltrated sensitive data. The threat actor listed Netstar on its dark web leak site, alleging the theft of customer data, financial records, and databases—totaling 800 GB—which it threatens to publish "soon." Samples posted by Black Shrantac include business documents containing staff details, tax records, equipment logs, customer information, bank account numbers, addresses, emails, phone numbers, contract details, and insurance data. While the full dataset has not yet been released, the group has a history of sharing extensive proof-of-breach material. Black Shrantac, a ransomware operation first detected in September 2025, has rapidly expanded its victim list, targeting 26 organizations worldwide, including entities in the U.S., Turkey, Indonesia, India, Peru, and Bulgaria. Netstar Australia marks the group’s first confirmed Australian victim. Unlike many ransomware groups, Black Shrantac lacks a public "about" page, leaving its operations largely opaque. However, its ransom notes reportedly warn victims that their data has been both stolen and encrypted, with instructions to avoid modifying or restarting devices to prevent decryption failures. Netstar Australia has not publicly confirmed the breach, and further details remain unconfirmed as the company has yet to respond to inquiries. The incident underscores the growing threat posed by emerging ransomware groups leveraging double-extortion tactics—combining data theft with encryption to pressure victims into paying ransoms.