Quick Summary
AllegedExecutive Summary
Salters Propane, an energy company based in the United States, has been identified as a victim by the SpaceBears ransomware group. The listing appeared on the group’s dark web portal on July 2, 2026, as reported by SOCRadar’s Dark Web Monitoring service. The company operates in fuel distribution within the US energy sector, fitting a pattern observed with SpaceBears’ recent targeting of US organizations, particularly those in manufacturing, business services, and technology. Over the 60 days leading up to this listing, SpaceBears claimed 12 other victims. The group’s activity shows a concentration in the United States, Italy, and Germany, with a preference for manufacturing, business services, and technology sectors. Other mid-market US organizations with similar profiles to Salters Propane have also been targeted by SpaceBears, including Ridge Law Firm, SmilePoint Dental Group, Lösing Filtertechnik, and Erla Technologies.
Technical Analysis
SOCRadar’s analysis of stealer-log telemetry revealed no direct credential exposure for salterspropane.com within the queried data slice. However, the absence of a direct hit does not guarantee a lack of exposure. Credentials may have been harvested under alternative domains, personal email aliases, or been rotated before indexing. Ransomware groups like SpaceBears commonly leverage credentials sourced from underground marketplaces as an initial access vector, compromising systems via Microsoft 365, VPN, or remote-access portals before deploying ransomware. Continuous monitoring and proactive credential hygiene are crucial, as a null query result should not be interpreted as a sign of security.