lamashtu
Ransomware group profile
Description
Lamashtu is an emerging data extortion group that primarily focuses on financial gain through large-scale exposure of sensitive organizational data. They utilize a unique centralized leak platform to publish victim disclosures and employ peer-to-peer methods for wide dissemination of compromised information. Their dual-impact extortion strategy combines ransom demands with threats of continued public data availability, increasing risk for victims.
Key insights
- •Operates a centralized leak platform for data exposure rather than traditional ransomware.
- •Uses peer-to-peer torrent-based distribution for disseminating stolen data.
- •Employs a dual-impact extortion model, threatening both ransom and public exposure of data.
- •Targets a variety of sectors including health care, real estate, and manufacturing.
- •First observed in April 2026, highlighting its recent emergence as a threat group.
- •Demands ransom payments while simultaneously threatening ongoing exposure of sensitive data.
Threat Level & Status Breakdown
For lamashtu · Based on incidents in selected period
Status Breakdown
Recent activity
Monthly attack count for lamashtu in the selected period
No intelligence data for this group.
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for lamashtu
T1486
T1486
T1490
T1490
T1041
T1041
T1021
T1021
T1562
T1562
T1071.001
T1071.001
T1048
T1048
T1005
T1005
T1070.001
T1070.001
T1105
T1105
Victims(32)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Shanpoornam Metals | shanpoornammetals.com | IN India | Manufacturing | Claimed | 5 days ago | |
| H-W-G & Acros Sport | h-w-g.com | DE Germany | Retail & E-Commerce | Claimed | 9 days ago | |
| ROTH‑TECHNIK AUSTRIA | rothtechnik.eu | AT Austria | Manufacturing | Claimed | 15 days ago | |
| MSC Group | msmelt.com | MY Malaysia | Transportation | Claimed | 17 days ago | |
| Parle Agro | parleagro.com | IN India | Other | Claimed | 18 days ago | |
| NaRaYa | naraya.com | TH Thailand | Manufacturing | Claimed | 22 days ago | |
| Saharuang | saharuang.com | TH Thailand | Manufacturing | Claimed | 22 days ago | |
| Depósito Dental Universitario | ddu.mx | MX Mexico | Healthcare | Claimed | 23 days ago | |
| Sistemas Electrónicos y de Telecomunicaciones | sertes.com.mx | MX Mexico | Technology | Claimed | 23 days ago | |
| Acros Sport GmbH | acros-components.com | DE Germany | Manufacturing | Claimed | 26 days ago | |
| Ashtech Infotech | ashinfo.com | IN India | Technology | Claimed | 26 days ago | |
| WOHA | — | SG Singapore | Professional Services | Claimed | 28 days ago | |
| GRANDHOME | grandhomemart.com | BD Bangladesh | Retail & E-Commerce | Claimed | 29 days ago | |
| Luna Group | lunagroupeg.com | EG Egypt | Healthcare | Claimed | about 1 month ago | |
| ROYAL M HOTEL BY GEWAN FUJAIRAH LLC | royalmhotels.com | AE United Arab Emirates | Hospitality | Claimed | about 1 month ago | |
| Apple Film Group | applefilm-group.com | TH Thailand | Technology | Claimed | about 1 month ago | |
| Malaysian NPK Fertilizer Sdn. Bhd | mnfsb.com.my | MY Malaysia | Other | Claimed | about 1 month ago | |
| Jesin Group | jesin.com.my | MY Malaysia | Professional Services | Claimed | about 1 month ago | |
| Biotehnos | biotehnos.ro | RO Romania | Healthcare | Claimed | about 2 months ago | |
| VOLTERRIES | volterres.fr | FR France | Energy & Utilities | Claimed | about 2 months ago |
Page 1 of 2
Affected countries(20)
Countries where this group has been reported to target or leak victims.