desolator
Ransomware group profile
8Victims
UnknownSource country
54Impact score
Description
Desolator is a ransomware group that emerged in mid-2025, operating as a Ransomware-as-a-Service (RaaS). They engage in fast-moving attacks using a double extortion model, targeting a variety of industries while primarily focusing on financial gain.
Key insights
- •Uses a double extortion model involving file encryption and data leak threats.
- •Targets small to mid-sized businesses across Europe and Asia.
- •Initial access is achieved through malicious documents and RDP brute-force attacks.
- •Employs strong obfuscation techniques in their ransomware, written in C++.
- •Communicates with command and control infrastructure via Telegram and Tor.
- •Utilizes custom tools for deployment and management of RaaS operations.
Threat Level & Status Breakdown
For desolator · Based on incidents in selected period
0.7threat level
Aggressiveness2/ 10
Lethality0/ 10
Criticality0/ 10
Status Breakdown
Claimed100.0%8
First seenAug 2025
Last seenSep 2025
Avg ransom—
Payment rate—
Statusactive
Sophistication0
Last updatedJun 18, 2026
Recent activity
Monthly attack count for desolator in the selected period
8Total attacks
6peak in Aug
4avg / month
↓ 4 vs first month
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for desolator
Other
T1486
T1486
T1490
T1490
T1078
T1078
T1021
T1021
T1562
T1562
T1059
T1059
T1547
T1547
T1027
T1027
T1080
T1080
T1485
T1485
Victims(8)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Construseñales S.A. ( Colombia ) | — | CO Colombia | Other | Claimed | 10 months ago | |
| LEVEL ( USA ) | — | US United States | — | Claimed | 10 months ago | |
| Tri Thuc Software ( Vietnam ) | — | VN Vietnam | Technology | Claimed | 10 months ago | |
| Construcciones Sala ( Colombia ) | — | CO Colombia | Other | Claimed | 10 months ago | |
| LEVEL | level.com | US United States | Financial Services | Claimed | 10 months ago | |
| Construcciones Sala | construccionessala.com | CO Colombia | Other | Claimed | 10 months ago | |
| Construseñales S.A. | — | CO Colombia | Other | Claimed | 10 months ago | |
| Tri Thuc Software | banquyenphanmem.vn | VN Vietnam | Technology | Claimed | 10 months ago |
Affected countries(10)
Countries where this group has been reported to target or leak victims.