fsociety

Ransomware group profile

8Victims

61Impact score

Also Known As

flocker

FSociety

Description

Flocker is a ransomware group that primarily targets small to medium-sized enterprises, utilizing phishing attacks for initial access and exploiting software vulnerabilities for privilege escalation. Known for its quick encryption processes and double extortion tactics, Flocker threatens to release sensitive data if ransom demands are not fulfilled.

Key insights

•Employs phishing attacks for initial access and exploits known vulnerabilities for privilege escalation.
•Utilizes quick multi-threading techniques to expedite file encryption.
•Engages in double extortion, threatening to leak stolen data if ransom is not paid.
•Targets various sectors, including healthcare, finance, and education.
•Exploits zero-day vulnerabilities and unpatched software for attacks.
•Demands moderate ransom amounts that can escalate if initially ignored.

Industries

Education Financial Services Government & Defense Healthcare Manufacturing Other Professional Services Retail & E-Commerce Technology

Threat Level & Status Breakdown

For fsociety · Based on incidents in selected period

2.2threat level

Aggressiveness2/ 10

Lethality0/ 10

Criticality5/ 10

Status Breakdown

Claimed100.0%8

First seenJun 2025

Last seenAug 2025

Avg ransom—

Payment rate—

Statusactive

Sophistication0

Last updatedJun 7, 2026

Recent activity

Monthly attack count for fsociety in the selected period

8Total attacks

3peak in Jul

2.7avg / month

↑ 1 vs first month

No intelligence data for this group.

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for fsociety

Other

T1486

T1490

T1078

T1562

T1021

T1059

T1040

T1021.001

T1547

T1080

Victims(8)

Company	Domain	Country	Industry	Status	Discovered
G*****n.com	—	—	Financial Services	Claimed	10 months ago
H*u.iv.tw	—	TW Taiwan	Education	Claimed	10 months ago
Ieee-apscon.org	—	US United States	Education	Claimed	10 months ago
G*********************y.org	—	—	Education	Claimed	11 months ago
Idgcayman.com	—	KY Cayman Islands	Professional Services	Claimed	11 months ago
S******h.com	—	—	Professional Services	Claimed	11 months ago
I*******n.com	—	KY Cayman Islands	Retail & E-Commerce	Claimed	11 months ago
Ajmanre.gov.ae	—	AE United Arab Emirates	Government & Defense	Claimed	12 months ago

Affected countries(15)

Countries where this group has been reported to target or leak victims.

🇦🇪United Arab Emirates 🇦🇺Australia 🇨🇦Canada 🇩🇪Germany 🇬🇧United Kingdom 🇮🇱Israel 🇮🇳India 🇮🇹Italy Cayman Islands 🇲🇦Morocco 🇳🇴Norway Taiwan, Province of China 🇺🇸United States Virgin Islands, British 🇿🇲Zambia