Skip to content

Mistral Solutions hit by Bashe ransomware in a major cyberattack

  • by
  • 2 min read

Illustration: JMiks | Shutterstock

Mistral Solutions Pvt. Ltd., a prominent Indian technology design and systems engineering company, has fallen victim to the notorious Bashe ransomware.

Mistral Solutions was founded in 1977 and is based in Bengaluru. The company specialises in end-to-end product design, application deployment, and system engineering services.

The firm caters to industries such as defence, aerospace, semiconductors, and industrial automation, making it a critical player in India’s technological ecosystem. The company has alliances with Qualcomm, Nvidia, AMD, Altera, NXP, and Texas Instruments.

Last year, Mistral equipped Gujarat police with mobile communication vehicles for disaster response. Also, the firm claims to built a Chinese-component-free drone at the ‘Him-Drone-A-Thon 2’ event organised by the Indian Army.

Given the highly technical and sensitive nature of the data that the company engages in, this cyber attack can have serious consequences both for the government and private sector.

Bashe ransomware group is one of the newly emerged threat actors. Researchers discovered that Bashe has been active since April 2024 and mimics other groups like LockBit. This threat actor targets no specific sector, and hence, companies in financial services, IT, banking, and manufacturing fields have been victims of this gang.

This is an image of indian flag

Researchers also discovered that the group often claims false responsibility to gain notoriety. This technique helps in two ways: first, they come in the limelight and second, this helps the group to form alliances with other cybercriminals.

Last month, the Bashe ransomware group claimed to have breached the ICICI Bank, one of India’s most important financial institutions. However, experts claim it to be a fluke.

The group operates via a Tor network and has an infrastructure based in the Czech Republic. Bashe uses AS9009 Automated System Number (ASN) for hosting, a platform used by other threat actors, including TrickBot, Meduza Stealer, and Rimasuta.

In January 2025, Let’s Secure Insurance Brokers Pvt Ltd. suffered a ransomware attack by the KillSec group. Insurance is also one of the most data-intensive sectors, especially in a country like India, and hence is emerging as a new favourite of cyber crooks.

In the News: India’s finance ministry bans AI tools like ChatGPT and DeepSeek

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

Related Reads

This is an image of dark web hacker security

Security flaw in Dahua CCTVs allows remote access

This is an image of python windows featured

Hackers are targeting Python developers with fake PyPI sites

This is an image of apple featured 2323424823

Apple patches Safari bug; Already exploited in Chrome

This is an image of dark web hacker security

Vibe coding platform breach exposes corporate apps

This is an image of dark web hacker security

Fake apps are stealing data blackmailing users on Asian mobile networks

This is an image of ransomware 32988sd

FBI collects dues from Chaos ransomware gang; $2.4 million in crypto seized

>