Ransomware victim disclosure
← All victimsMicroimpuls LLC (Smarty Platform)
listed as smarty.arpinet.am · Claimed by apt73 · listed 12 hours ago
Status timeline
- Listed
Jun 3, 2026
- Data leaked
At a glance
- Group
- apt73
- Status
- Data leaked
- Country
- AM
- Sector
- Technology
- Listed on leak site
- Jun 3, 2026
About the victim
AI dossier — public-source company profileMicroimpuls LLC operates Smarty, an online platform for managing real estate data in the Armenian market. The platform provides tools for analyzing, searching, and monitoring properties, with integration to cadastral and legal information systems. The service targets the Armenian real estate sector.
- Industry
- Real Estate Technology & Data Management
Attack summary
Severity: high — Confirmed exfiltration of personal data at significant scale (17,150 client records). Affects a commercial platform serving the Armenian real estate market. No proof files are visible in the post excerpt, but the claim is specific and the deadline suggests active extortion.APT73 claims to have exfiltrated personal data of clients from the Smarty platform. The group states that 17,150 client records were obtained and are being held for ransom, with a deadline of 2026-06-03 for payment or public disclosure.
Data the group says was taken
AI dossier — extracted from the leak post- Client personal data
- Real estate client records
- Property-related information
What the group claims
***.am - it is an online platform for managing real estate data in the Armenian market, provi...
The leak post
captured from the group's siteDeadline: 2026/06/03 22:00:00 UTC +0 arpinet.am - it is an online platform for managing real estate data in the Armenian market, providing tools for analyzing, searching and monitoring properties, as well as integration with cadastral and legal information. Personal data of clients. There are 17150 lines in total. | *Until the files will be available left* | *We always initially offer to buy data by origin company. But we are also ready to consider third-party offers.* | | --- | --- | *If you see that a timer is running in your company's block, you have a chance to avoid a data leak. To do this, you need to write to us in the form and indicate your details. Our support team will contact you shortly and help you. **You must understand that there is no time to think, you must make a decision quickly, the timer has started.** If you see a button at the bottom of your company's publication, this means that all data is publicly available. If you are a customer or employee of a company that has been affected, please contact us and give us the information about yourself that you want removed. We will check what we have related to you and remove it from the leak. **The price de…
Sources
Source
Indexed 12 hours agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.