Home All Victims The company MST (Sanko Makina and ASKO Holding)

The company MST (Sanko Makina and ASKO Holding)

blacknevas

This record tracks a ransomware attack claimed by the blacknevas group against The company MST (Sanko Makina and ASKO Holding). It collects the publicly disclosed attack details — sector, location and timeline — as published on the operator's leak site and indexed by Breach House.

Window Zero

EXPOSURE GAP

Window Zero is the time the breach stayed in the open before anyone said so — the gap between when the attack was first discovered on the operator's leak site (t1) and when it was publicly disclosed (t2). The wider this window, the longer victims, staff and customers were exposed with no warning.

91days open
t1 · Published t2 · Pending
Mar 17, 2026Not disclosed yet
Country
Türkiye
Business Category
Manufacturing / Engineering
Employees
+1000
Discovered
2026-04-30
Published
March 17, 2026
Disclosed / Notified
Not disclosed yet
Victim ID
Iu4gSEHBAG00

Attack Summary

The company MST (Sanko Makina and ASKO Holding) has direct and close ties to the Turkish defense industry. It serves as an important supplier of specialized military engineering equipment for Turkish security forces. Here is exactly how the company is connected to the defense sector: 1. Production of Armored Construction Equipment: Ordinary construction machinery is vulnerable in combat zones. MST develops and manufactures armored backhoe loaders and telehandlers specifically designed for military needs. The cabins, engine compartments, and vital components of these machines are protected by armor capable of withstanding small arms fire and improvised explosive device (IED) blasts. 2. Supplies for the Army and Police: The primary customers for MST's military products are the Turkish Armed Forces (TSK), the General Command of the Gendarmerie, and the General Directorate of Security (Police). 3. Specific Applications: MST's military equipment is actively used by engineering troops and special forces for the following tasks: • Digging trenches and building defensive berms on the front lines; • Dismantling barricades, destroying militant shelters, and clearing streets during anti-terrorist operations (such equipment was heavily used by Turkish security forces during urban operations in the southeastern part of the country); • Safely neutralizing explosive devices on roads; • Constructing and fortifying military outposts and bases. 4. Integration into State Defense Programs: MST works in close cooperation with the Presidency of Defense Industries (SSB) of Turkey. The production of indigenous armored engineering equipment is part of Turkey's state strategy for import substitution and ensuring the national army's independence from foreign suppliers. 5. Participation in Defense Exhibitions: The MST brand regularly showcases its military developments at major international arms exhibitions, such as IDEF (International Defence Industry Fair), offering its armored special equipment not only to the domestic market but also for export to allied nations. Information for our partners: > Over the course of seven months, a significant volume of data was stolen. > The obtained files were encrypted and stored in secure storage. > The stated starting price is 15 bitcoins.

Leak Screenshots

SAMPLE

Proof-of-breach screenshots the operator posted from the stolen data. Previews are redacted and locked — the originals are available on HaveIBeenRansom.

file_tree.png
finance_2024.xlsx
passport_scan.jpg
contract_signed.pdf
Sign in or explore HaveIBeenRansom to view the full leak gallery.
View leak gallery →

Dark Web Exposure

Cross-referenced against HaveIBeenRansom's dark-web index of ransomware leaks, breaches & infostealer logs.
0
found in Infostealer logs
0
found in Traditional breaches
0
found in Ransomware leaks
Emails exposed
••••
Internal
•••
External
•••
Distinct leaks
••
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
••••••••••••••••••••••••
•••••••••• · ••••••
••• emails
Full exposure is locked
See every breached email, the internal-vs-external split and each leak source behind this victim.
Sign in to unlock Dig deeper on HaveIBeenRansom →
Want the complete picture — passwords, machines, full leak files? It's all searchable on HaveIBeenRansom.
Search this victim →
Visit Website Original Post View Group: blacknevas

Related entries

PROMOSFERA S.R.l. KINAS SOLICITORS Paramount Health Services & Insurance TPA Pvt. Ltd E-CON Packaging Private Limited Heng An Standard Life Insurance Carrera Casting Corp.
Legal Disclaimer: This ransomware victim record reflects information published on the operator's leak site. Breach.house does not acquire, download, host, access or redistribute unlawfully obtained data. It indexes only publicly visible information posted by ransomware, breach and infostealer operators and open web sources, without accessing the underlying stolen content. The service supports public awareness, legitimate research and cyber-resilience.