DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Play

Play

Active

play

First seen: 2022-11-26 19:33:43.668769Total victims: 1,239

Initially observed in June 2022, the Play ransomware (a.k.a PlayCrypt) operates through double extortion, targeting numerous organizations in Latin America. Its Initial Access method is quite similar to other ransomwares, involving attacks such as Phishing, Exposed Services to the Internet, and Valid Account compromises.<br> <br> On April 19, 2023, the security company Symantec published two new tools developed by the Play group. These tools allow the malicious actor to enumerate and exfiltrate data from the internal network. The post mentions the following: 'Play threat actors use the .NET infostealer to enumerate software and services via WMI, WinRM, Remote Registry, and Remote Service. The malware checks for the existence of security and backup software, as well as remote administration tools and other programs, saving the information in .CSV files that are compressed into a .ZIP file for later manual exfiltration by threat actors.'Source: https://github.com/crocodyli/ThreatActors-TTPs

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

Recent Victimsshowing 50 of 1239

NameCountrySectorDate
Crystal Point—Not Found2026-04-06 19:43:33.467510
MorphosisUSTechnology2026-04-06 19:42:35.680326
Barnes Solicitors LLPGBBusiness Services2026-04-04 19:58:05.769741
SokolinUSConsumer Services2026-04-04 19:57:24.412370
BrokkSEManufacturing2026-03-30 18:53:57.498101
Colorado Construction—Construction2026-03-30 18:53:14.975411
Lucky LookDENot Found2026-03-30 18:52:32.217254
Weber Kracht & ChellewUSNot Found2026-03-30 18:51:49.513251
SpecflueGBManufacturing2026-03-30 18:51:08.693360
KivellsGBNot Found2026-03-30 18:50:27.599186
Dock Pros—Transportation/Logistics2026-03-30 18:49:45.385224
Ampex Data SystemsUSTechnology2026-03-30 18:49:02.427582
Valley Plating IncUSManufacturing2026-03-30 18:48:21.102571
Witt UK GroupGBManufacturing2026-03-30 18:47:39.711890
TPIS Industrial ServicesUSManufacturing2026-03-26 19:25:33.105733
All Real Estate Title SolutionsUSBusiness Services2026-03-24 19:27:24.729405
Roxiticus Golf ClubUSHospitality and Tourism2026-03-24 19:26:47.517403
Pinnacle—Not Found2026-03-24 19:26:08.030596
Ascent Asset GroupUSFinancial Services2026-03-24 19:25:47.913100
Capital Wholesale DrugUSHealthcare2026-03-24 19:25:02.090019
Block EngineeringUSTechnology2026-03-24 19:24:15.337531
Window & Door Design Center of FloridaUSConstruction2026-03-24 19:23:35.957864
Knight's Site Services—Not Found2026-03-17 17:15:49.245853
GsolutionzUSTechnology2026-03-17 17:15:08.834600
Executive Aviation—Transportation/Logistics2026-03-15 19:42:24.526107
Circle FloorsUSNot Found2026-03-12 17:37:26.147232
Eagle Industrial Equipment—Manufacturing2026-03-12 17:36:47.408815
Infinity Systems—Not Found2026-03-09 19:25:13.113929
Serrano Industries—Not Found2026-03-09 19:24:34.478086
Helen KaminskiAUConsumer Services2026-03-09 19:23:56.762739
Byard F BroganUSManufacturing2026-03-09 19:23:19.418460
Facilities USAUSBusiness Services2026-03-09 19:22:41.827214
Southern Concrete Construction—Construction2026-03-09 19:22:04.150684
T a SolbergNONot Found2026-03-06 21:19:15.021087
Don E BowerUSConstruction2026-03-06 21:18:37.002185
Design To PrintUSManufacturing2026-03-06 21:17:59.032243
Select ToolCAManufacturing2026-03-06 21:17:20.865023
DFW Aero MechanixUSTransportation/Logistics2026-03-06 21:16:43.025730
Garland Williams & Associates—Not Found2026-03-06 21:16:01.252566
Equine CanadaCANot Found2026-03-03 20:11:13.735284
GapVaxUSManufacturing2026-03-03 20:10:34.616554
Gordon/Clifford RealtyUSBusiness Services2026-03-02 21:50:47.932180
CabkaDEManufacturing2026-03-02 21:50:30.539092
The Kuker GroupUSNot Found2026-03-02 21:49:52.156780
LRA ConstructorsUSConstruction2026-03-02 21:49:14.041090
Cobblestone Creek Country ClubUSHospitality and Tourism2026-03-02 21:48:36.903781
Project Consulting ServicesUSBusiness Services2026-03-02 21:47:59.037565
Go Professional CasesUSManufacturing2026-03-02 21:47:21.987749
WCC Technologies Group—Not Found2026-03-02 21:46:44.350172
Favaro Lavezzo Gill Caretti—Not Found2026-03-02 21:46:01.550786

Data from ransomware.live