Quick Summary
AllegedExecutive Summary
Delegal Poindexter & Underkofler, P.A. was listed by the Morpheus ransomware group on their dark web leak portal on June 25, 2026. This information was surfaced by SOCRadar’s Dark Web Monitoring service. The organization operates in the business services sector. The listing indicates Morpheus’s recent activity, which has shown a pattern of targeting organizations across business services, financial services, and technology sectors, with victims previously identified in India and Denmark.
Technical Analysis
SOCRadar’s search of stealer-log telemetry did not return any records for Delegal Poindexter & Underkofler, P.A. on their primary corporate domain. This suggests that, within the analyzed data, there was no direct evidence of compromised credentials accessible via typical infostealer methods for this specific domain. However, the absence of evidence does not confirm the absence of risk, as credentials could exist on other domains, personal email aliases, or data feeds not covered in the specific query. The typical attack vector for ransomware groups like Morpheus involves obtaining stolen credentials from underground marketplaces to gain initial access through platforms like Microsoft 365, VPNs, or remote-access portals before deploying ransomware. Therefore, CTI teams are advised to continue monitoring and implement proactive credential hygiene measures rather than assuming a lack of risk based on a negative query result.