Indian automotive Nanvit Group ransomware data is now available in the Dark Web

May 15, 2021
indian automotive Nanvit Group ransomware Data Darkweb Xing Locker

A complete dump of the following data is now exposed on the dark web! Passports, DL scans, credit cards, financial documents, tax forms, Employee Personal Information, corporate databases, etc. hacked from a gigantic holding company in India, Navnit Group.

It appears that there is a new kid on the block in the ransomware cyberscape where exposing encrypted data became a common practice after a failed negotiation. While we were doing a routine scan in the dark web, we stumbled upon a reasonably new Ransomware Gang page called Xing Locker. It appears that a senior Ransomware group called Astro Team has teamed up with Xing.


Indian Automotive Navnit Ransomware Data dark web image 1



Xing Locker exposes Navnit group’s data

It all started this year, most likely this April, according to multiple sources that Xing Locker started demanding Navnit to pay a ransom to avoid exposing Navnit’s data. In their Ransom Blog, here is what they posted about Navnit:

“The Navnit Group, a Rs. 1000 crore plus network of diverse companies, is a reputed and professionally managed Mumbai-based business and brand. It operates in the mobility segments spanning land, sea, air and allied businesses. : It’s a huge holding company which didn’t keep confidentional info in secret. All is inside!”


Indian Automotive Navnit Ransomware Data dark web image 2


Here is more information about the dump
“Target Info
Company Name
Total Revenue
$521 Million
Volume Of Stolen Data
500 GB
Last Updated:
We publish full dump, a lot of passports, DL scans, credit cards, financial documents. A lot of tax forms, personal information of staff, corporate databases and much much more. “ Published for Free!

As you can see, the data is published for free. Xing Locker even pointed out that the volume is stolen data. The files are kept in a private yet publicly accessible onion directory. Here is a screenshot for proof to look at:

Indian Automotive Navnit Ransomware Data dark web image 3


NAVNIT Group is only one of their victims. Other companies are exposed listed as their victims.

iZOOlogic offers Data Loss Recovery services to help companies like the NAVNIT group to investigate such claims. At best, we also attempt to negotiate with such groups to takedown contents on the Dark Web to avoid further exposure and future misuse. While IT professionals do their best in keeping systems secure, at some point, systems will always be targeted to break. Therefore, we suggest that we always keep a backup of the whole system first. Secondly, confidential and personal data should be encrypted to avoid similarly tragic database dumps such as NAVNIT’s. Lastly. Invest in multi-approach security to keep your systems secure to prevent malware attacks. iZOOlogic can help companies scan for vulnerabilities and actively seek out internet-related phishing attack with their phishing intelligence team because not all information leak happen through a data breach, sometimes in a micro manner through Social Engineering attacks.


About the author

Leave a Reply