play
Initially observed in June 2022, the Play ransomware (a.k.a PlayCrypt) operates through double extortion, targeting numerous organizations in Latin America. Its Initial Access method is quite similar to other ransomwares, involving attacks such as Phishing, Exposed Services to the Internet, and Valid Account compromises.<br> <br> On April 19, 2023, the security company Symantec published two new tools developed by the Play group. These tools allow the malicious actor to enumerate and exfiltrate data from the internal network. The post mentions the following: 'Play threat actors use the .NET infostealer to enumerate software and services via WMI, WinRM, Remote Registry, and Remote Service. The malware checks for the existence of security and backup software, as well as remote administration tools and other programs, saving the information in .CSV files that are compressed into a .ZIP file for later manual exfiltration by threat actors.'Source: https://github.com/crocodyli/ThreatActors-TTPs
| Name | Country | Sector | Date |
|---|---|---|---|
| Greg Crosslin | US | Not Found | 2026-06-17T18:26:14.919445+00:00 |
| Integrated Technologies | — | Technology | 2026-06-17T17:54:59.873256+00:00 |
| eurOptimum | DE | Technology | 2026-06-17T17:54:25.077642+00:00 |
| Mundt and Associates | US | Business Services | 2026-06-10T15:54:05.833841+00:00 |
| Rainbow Distributors USA | US | Consumer Services | 2026-06-10T15:53:31.219722+00:00 |
| Pearson Ford | GB | Transportation/Logistics | 2026-06-06T13:23:12.128367+00:00 |
| Urschel Laboratories | US | Agriculture and Food Production | 2026-06-04T21:57:41.325214+00:00 |
| Dallis Law Firm | US | Business Services | 2026-06-04T21:57:17.229156+00:00 |
| The Chapel | US | Not Found | 2026-06-04T21:56:53.205225+00:00 |
| Corley MFG | US | Manufacturing | 2026-06-04T21:56:29.292992+00:00 |
| Digitall Graphics | CA | Technology | 2026-06-01T09:53:35.317885+00:00 |
| Hightower Communications | US | Telecommunication | 2026-06-01T09:22:47.851446+00:00 |
| GW Mechanical | US | Business Services | 2026-05-25T20:25:22.236074+00:00 |
| NL Fisher | NL | Agriculture and Food Production | 2026-05-25T20:24:56.355237+00:00 |
| Round Hill Country Club | US | Hospitality and Tourism | 2026-05-25T20:24:31.582159+00:00 |
| Legend Networking & Telecom | US | Telecommunication | 2026-05-25T20:24:06.442811+00:00 |
| MyPillow | US | Consumer Services | 2026-05-25T20:23:42.087692+00:00 |
| De Waard Transport | NL | Transportation/Logistics | 2026-05-25T19:33:59.858935+00:00 |
| Zuther Hautmann | DE | Not Found | 2026-05-19T14:53:55.934352+00:00 |
| Infoworld Membership Systems | — | Technology | 2026-05-12T20:26:45.256640+00:00 |
| Town Car International | US | Transportation/Logistics | 2026-05-12T20:26:21.145318+00:00 |
| Northern Mechanical Contractors | CA | Construction | 2026-05-12T20:25:56.811386+00:00 |
| ACC Construction | US | Construction | 2026-05-12T20:25:32.213004+00:00 |
| IWC Food Service | US | Agriculture and Food Production | 2026-05-12T20:25:01.188356+00:00 |
| Ashcroft Homes | CA | Construction | 2026-05-12T20:24:36.222781+00:00 |
| DURAND-WAYLAND | US | Manufacturing | 2026-05-12T20:24:11.848297+00:00 |
| K & E Distributing | US | Transportation/Logistics | 2026-05-08T07:26:32.181048+00:00 |
| Accessoires Outillage Ltee | CA | Manufacturing | 2026-05-08T07:26:04.954814+00:00 |
| EMA Engineering & Consulting | US | Business Services | 2026-05-08T07:25:37.616893+00:00 |
| Crystal Point | US | Not Found | 2026-04-06T19:43:33.467510+00:00 |
| Morphosis | US | Technology | 2026-04-06T19:42:35.680326+00:00 |
| Barnes Solicitors LLP | GB | Business Services | 2026-04-04T19:58:05.769741+00:00 |
| Sokolin | US | Consumer Services | 2026-04-04T19:57:24.412370+00:00 |
| Brokk | SE | Manufacturing | 2026-03-30T18:53:57.498101+00:00 |
| Colorado Construction | US | Construction | 2026-03-30T18:53:14.975411+00:00 |
| Lucky Look | DE | Consumer Services | 2026-03-30T18:52:32.217254+00:00 |
| Weber Kracht & Chellew | US | Business Services | 2026-03-30T18:51:49.513251+00:00 |
| Specflue | GB | Manufacturing | 2026-03-30T18:51:08.693360+00:00 |
| Kivells | GB | Construction | 2026-03-30T18:50:27.599186+00:00 |
| Dock Pros | US | Transportation/Logistics | 2026-03-30T18:49:45.385224+00:00 |
| Ampex Data Systems | US | Technology | 2026-03-30T18:49:02.427582+00:00 |
| Valley Plating Inc | US | Manufacturing | 2026-03-30T18:48:21.102571+00:00 |
| Witt UK Group | GB | Manufacturing | 2026-03-30T18:47:39.711890+00:00 |
| TPIS Industrial Services | US | Manufacturing | 2026-03-26T19:25:33.105733+00:00 |
| All Real Estate Title Solutions | US | Business Services | 2026-03-24T19:27:24.729405+00:00 |
| Roxiticus Golf Club | US | Hospitality and Tourism | 2026-03-24T19:26:47.517403+00:00 |
| Pinnacle | US | Not Found | 2026-03-24T19:26:08.030596+00:00 |
| Ascent Asset Group | US | Financial Services | 2026-03-24T19:25:47.913100+00:00 |
| Capital Wholesale Drug | US | Healthcare | 2026-03-24T19:25:02.090019+00:00 |
| Block Engineering | US | Technology | 2026-03-24T19:24:15.337531+00:00 |
Data from ransomware.live