May 26, 2025 marked the debut of a new ransomware threat actor on the cybercrime scene: DataCarry. With little to no prior presence on underground forums or ransomware blogs, DataCarry made a bold entrance—listing 8 victims across various countries on its dark web leak site within 24 hours of surfacing.
Among the first organizations exposed was FrontierCo, a South African company operating in the consumer goods and retail distribution sector.
DataCarry’s victim list spans multiple continents, indicating that the group is not regionally focused, but instead casting a wide net across industries and geographies. South Africa’s FrontierCo now joins the growing list of African businesses in the crosshairs of cybercriminals.