DETECTO/ThreatDossier
DashboardPricingThreatsRun Free ScanSign In
DETECTO/ThreatDossier

Security intelligence for MSPs, consultants, and businesses. Find breached credentials, compliance gaps, and exposed infrastructure before attackers do.

Product

  • Scan a Domain
  • Pricing
  • Dashboard
  • Sign In

Resources

  • Threat Intelligence
  • Ransomware Groups

Legal

  • Privacy Policy
  • Terms of Service

© 2026 DETECTO. All rights reserved.

Threats/Groups/Underground

Underground

Dormant

underground

First seen: 2024-05-01T14:04:52.774711+00:00Total victims: 26

Underground ransomware is deployed by the Russia-based RomCom group (Storm-0978) and has victimized companies across multiple industries since July 2023 by exploiting CVE-2023-36884, encrypting files without changing extensions and deleting Volume Shadow Copies and Windows event logs in double-extortion campaigns.

0Total Victims
0Countries Targeted
0Sectors Targeted
0Avg Attacks/Month

Activity Timelinelast 24 months

Top Targeted Sectors

Top Targeted Countries

Recent Victimsshowing 26 of 26

NameCountrySectorDate
SFA EngineeringKRTechnology2025-08-15T14:03:57.684917+00:00
GMORS Co., LtdTWManufacturing2025-06-25T09:41:20.003218+00:00
Afa Systems Ltd.CATechnology2025-04-16T12:55:00.212515+00:00
shengyusteel.comTWManufacturing2025-04-16T12:53:45.678509+00:00
semex.comCAAgriculture and Food Production2025-04-16T12:52:15.668886+00:00
Simmtech Co., Ltd.KRTechnology2024-12-16T13:58:25.740059+00:00
hcsgcorp.comUSHealthcare2024-10-25T13:23:10.927257+00:00
Casio Computer Co., LtdJPTechnology2024-10-10T07:38:43.242671+00:00
ramservices.comUSBusiness Services2024-07-03T13:48:07.475213+00:00
EthypharmFRHealthcare2024-07-01T16:54:50.394949+00:00
A-Line Staffing SolutionsUSHealthcare2024-06-17T16:24:21.043675+00:00
belcherpharma.comUSHealthcare2024-06-12T15:56:49.516959+00:00
CentralSecurities.comUSFinancial Services2024-06-11T05:28:38.560252+00:00
www.belcherpharma.comUSHealthcare2024-05-17T18:44:32.187550+00:00
kc.co.krKRTechnology2024-05-03T08:23:30.888871+00:00
bulldogbag.comCAManufacturing2024-05-01T14:14:37.825389+00:00
frenckengroup.comSGManufacturing2024-05-01T14:13:43.215817+00:00
synology.comDETechnology2024-05-01T14:12:41.106723+00:00
tpa-group.skSKBusiness Services2024-05-01T14:11:27.968531+00:00
Triathlon.groupDETransportation/Logistics2024-05-01T14:10:09.055259+00:00
awwg.comESBusiness Services2024-05-01T14:09:12.101215+00:00
KyungChang—Manufacturing2024-05-01T14:08:00.718847+00:00
Y. Hata & Co., Ltd.USAgriculture and Food Production2024-05-01T14:07:12.791127+00:00
Skender ConstructionUSBusiness Services2024-05-01T14:06:26.594344+00:00
Creative Business InteriorsUSBusiness Services2024-05-01T14:05:26.904859+00:00
cochraneglobal.comAETechnology2024-05-01T14:04:52.774711+00:00

Data from ransomware.live