obscura

Ransomware group profile

31Victims

58Impact score

Description

Obscura is a sophisticated threat group known for its diverse tactics and wide-ranging targets. They operate across various sectors, employing advanced techniques to compromise systems and extract sensitive data. Their activities have significant implications for affected organizations, often resulting in financial and operational disruption.

Key insights

•Utilizes phishing and social engineering for initial access.
•Targets a wide array of sectors including construction, real estate, and public administration.
•Employs ransomware and data exfiltration tactics to maximize impact.
•Operates internationally, with notable activity in both Europe and North America.
•Engages in supply chain attacks to infiltrate organizations indirectly.
•Adapts quickly to changes in security measures, demonstrating high resilience.

Industries

Energy & Utilities Government & Defense Healthcare Hospitality Manufacturing Other Professional Services Retail & E-Commerce Technology Transportation

Threat Level & Status Breakdown

For obscura · Based on incidents in selected period

2.6threat level

Aggressiveness5/ 10

Lethality0.8/ 10

Criticality1.9/ 10

Status Breakdown

Data Leaked16.1%5

Claimed25.8%8

First seenJul 2025

Last seenJan 2026

Avg ransom—

Payment rate—

Statusactive

Sophistication0

Last updatedJun 2, 2026

Recent activity

Monthly attack count for obscura in the selected period

31Total attacks

9peak in Dec

4.4avg / month

↑ 2 vs first month

Intelligence

IOCs, YARA/Sigma rules, and related families for obscura

d520d06d78afcad2e03842cb8db4622d18b92739e89dfb8dadf5743f30dcd903
e75e5778e71e062ce4a7af673f0b2513854d2367fee0f01a26c0c998863bdf6e
1942510d3b5691819636067ec89b7b7bb18f784d819060d687fc0248dbed5047
eae09889399fe4fb8e78b114dba0527de913d12fb1802944a88ed136e3e90577
94f73b5dc06ba6705fcef3e759413a747049c2949a0c2e44afc03b2f9989cf73

View full IOC feed500 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for obscura

Other

T1486

T1490

T1078

T1021

T1562

T1059

T1547

T1021.001

T1106

T1203

T1012

T1080

Victims(31)

Company	Domain	Country	Industry	Status	Discovered
Thai Petroleum & Trading	thaipet.com	TH Thailand	Manufacturing	Claimed	5 months ago
STC Concrete Product	stc.co.th	TH Thailand	Other	Unknown	5 months ago
REDtone	redtone.com	MY Malaysia	Technology	Unknown	5 months ago
Revoil	revoil.gr	GR Greece	Energy & Utilities	Unknown	5 months ago
[Redacted] #1927	—	TH Thailand	Energy & Utilities	Unknown	5 months ago
Trend Import Export	trend.ro	RO Romania	Technology	Unknown	5 months ago
km*w.com	km*w.com	NA Namibia	Transportation	Unknown	6 months ago
CleverPower	cleverpower.eu	DK Denmark	Energy & Utilities	Unknown	5 months ago
clerper.eu	clerper.eu	NA Namibia	Energy & Utilities	Unknown	6 months ago
New Obscura 2.0!	fbi.gov	US United States	Government & Defense	Unknown	6 months ago
StanleyCo Malaysia	stanleyco.com.my	MY Malaysia	Professional Services	Unknown	6 months ago
Startek Engineering Inc.	startek-eng.com	TW Taiwan	Technology	Unknown	6 months ago
ACE Forwarding	aceforwarding.com	US United States	Transportation	Unknown	6 months ago
New Toyo International Holdings Ltd	newtoyo.com	SG Singapore	Manufacturing	Data Leaked	7 months ago
Thompson Dorfman Sweatman	tdslaw.com	CA Canada	Professional Services	Data Leaked	7 months ago
Federal Auto Holdings Berhad	federalauto.com.my	MY Malaysia	Transportation	Data Leaked	7 months ago
Cape Dara Resort Pattaya	capedarapattaya.com	TH Thailand	Hospitality	Data Leaked	8 months ago
relationmedia.dk	—	DK Denmark	Technology	Claimed	8 months ago
thefixingcompany.com	—	IE Ireland	Other	Claimed	8 months ago
eastdesign.com.my	—	MY Malaysia	Professional Services	Claimed	8 months ago

Page 1 of 2

Affected countries(21)

Countries where this group has been reported to target or leak victims.