securotrop
Ransomware group profile
Description
Securotrop is a ransomware group that emerged in March 2026, evolving from the Qilin ransomware gang. They primarily engage in financial extortion using a double-extortion model that includes data exfiltration and threatening to publish stolen data if ransoms are not paid.
Key insights
- •Utilizes a double-extortion model involving data exfiltration and encryption of victim systems.
- •Threatens to publish sensitive client and employee information on a leak site.
- •Can exfiltrate large volumes of data, ranging from hundreds of gigabytes to over two terabytes.
- •Targets diverse sectors and employs effective compromise vectors for breaches.
- •Motivated primarily by financial gain through extortion.
Threat Level & Status Breakdown
For securotrop · Based on incidents in selected period
Status Breakdown
Recent activity
Monthly attack count for securotrop in the selected period
Intelligence
IOCs, YARA/Sigma rules, and related families for securotrop
- 94f73b5dc06ba6705fcef3e759413a747049c2949a0c2e44afc03b2f9989cf73
- c3804d1329b55a37bfa2f835e1e9bbc7bdb2b260f8e3627c06e02c9f52685d44
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for securotrop
T1486
T1486
T1490
T1490
T1041
T1041
T1562
T1562
T1078
T1078
T1021
T1021
T1021.001
T1021.001
T1561
T1561
T1059
T1059
T1547
T1547
Victims(52)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Charisma Media | charismamedia.com | US United States | Technology | Claimed | 6 days ago | |
| Kriete Truck Centers | krietetrucks.com | US United States | Transportation | Claimed | 14 days ago | |
| Thompson Builders Corporation | tbcorp.com | US United States | Other | Claimed | about 2 months ago | |
| Synergy Engineering | — | US United States | Professional Services | Claimed | about 2 months ago | |
| Tax Prep and More | — | US United States | Financial Services | Claimed | 2 months ago | |
| Jones Haber Law | — | US United States | Professional Services | Claimed | 2 months ago | |
| Universal Mailing Service | umsmail.com | US United States | Manufacturing | Claimed | 4 months ago | |
| Marshal Renee Construction | marshalrenee.com | US United States | Manufacturing | Claimed | 4 months ago | |
| Living Realty | livingrealty.com | CA Canada | Manufacturing | Claimed | 5 months ago | |
| Spartan Carbide | spartancarbide.com | US United States | Manufacturing | Claimed | 6 months ago | |
| Cadman Power Equipment | cadmanpower.com | CA Canada | Manufacturing | Claimed | 6 months ago | |
| Delta Coast Consultants | deltacoastllc.com | US United States | Manufacturing | Claimed | 7 months ago | |
| Mister Guns | misterguns.com | US United States | Manufacturing | Claimed | 7 months ago | |
| Pocatello Ready Mix | horrocksreadymix.com | US United States | Manufacturing | Claimed | 7 months ago | |
| Superior Air Parts | superiorairparts.com | US United States | Manufacturing | Claimed | 8 months ago | |
| Churchill Claims Services | churchill-claims.com | US United States | Manufacturing | Claimed | 8 months ago | |
| Mill Bay Marine Group | mbmg.ca | CA Canada | Manufacturing | Claimed | 9 months ago | |
| Structural Component Systems | scstruss.com | US United States | Manufacturing | Claimed | 9 months ago | |
| Allardyce Bower Consulting | abcengineering.ca | CA Canada | Manufacturing | Claimed | 9 months ago | |
| Weschler's Auctioneers | weschlers.com | US United States | Manufacturing | Claimed | 9 months ago |
Page 1 of 3
Affected countries(6)
Countries where this group has been reported to target or leak victims.