ransomhouse
Ransomware group profile
Description
RansomHouse is a cybercriminal organization that specializes in data extortion through ransomware attacks, primarily targeting organizations with unpatched vulnerabilities. They employ double extortion tactics, encrypting data while threatening to leak it if ransom demands are not met. As a Ransomware-as-a-Service group, they have gained notoriety for their sophisticated phishing campaigns and exploitation of critical network weaknesses.
Key insights
- Employs double extortion tactics by encrypting files and threatening to leak sensitive data.
- Specializes in exploiting unpatched vulnerabilities and deploying advanced social engineering techniques.
- Utilizes the Ransomware-as-a-Service (RaaS) model to scale operations and tailor attacks to victims.
- Targets various sectors, including healthcare and retail, with a focus on organizations with weak cybersecurity measures.
- Utilizes tools like MrAgent and Mario ESXi for ransomware deployment and execution.
- Recent activities indicate a shift towards targeting smaller, less-prepared organizations.
- Ransom demands are typically paid in cryptocurrency to maintain anonymity.
Threat Level & Status Breakdown
For ransomhouse · Based on incidents in selected period
Recent activity
Monthly attack count for ransomhouse in the selected period
Intelligence
IOCs, YARA/Sigma rules, and related families for ransomhouse
- 50520639cf77df0c15cc95076fac901e3d04b708
- 5bef7608d66112315eefff354dae42f49178b7498f994a728ae6203a8a59f5a2
- bfc9b956818efe008c2dbf621244b6dc3de8319e89b9fa83c9e412ce70f82f2c
- 907ddb26b0dc6ed70dfb7bfedf3e7e6f6b548aea0a5b568f1f38c007204e79f6
- d6d6174ec5370d8ffa8a163863544d52501813dc
- 26b3c1269064ba1bf2bfdcf2d3d069e939f0e54fc4189e5a5263a49e17872f2a
- 7e35c5a7ff185dbff35e05fa91385cbf
- ea6adefdd2be00d0c7072a9abe188ba9b0c9a75fa57f13a654caeaaf4c3f5fbc
- a97a28276e4f88134561d938f60db495
- d2853c1d92c73dc047cdb1f201900a99
- d36afcfe1ae2c3e6669878e6f9310a04fb6c8af525d17c4ffa8b510459d7dd4d
- 01735bb47a933ae9ec470e6be737d8f646a8ec66
- 518544e56e8ccee401ffa1b0a01a10ce23e49ec21ec441c6c7c3951b01c1b19c
- 2c89a18944d3a895bd6432415546635e
- e078778b62796bab2d7ab2b04d6b01bf
- 5c62cdf97b2caa60448619e36a5eb0b6
- d520d06d78afcad2e03842cb8db4622d18b92739e89dfb8dadf5743f30dcd903
- d484b9b8c44558c18ef6147c6ca8276a462fccf2acb2863be4ee9bf37942f11e
- 6e39063ca953f46f1d2fe50e9934aac4d0f08855b7b6b8d8996e7790da4e2d06
- ade84908dde9e1fbed35f643b210a6e2ade1f7c7
- 60d4ed7b689f3019ed1c7d7c1a9fb4f3dd044cd20a9cb51ef0c53ed66a4f6a75
- b379d8f583112cad3cf60f95ab3a67fd
- 0fe7fcc66726f8f2daed29b807d1da3c531ec004925625855f8889950d0d24d8
- 10f312b172391840a62cbb8837e8d89ff4f144e05ff9b97876f2fea45ca3e7bc
- e75e5778e71e062ce4a7af673f0b2513854d2367fee0f01a26c0c998863bdf6e
- a90103beef6b85e3874c1b79ad22f9323a7514a8162b03e465fc45a36c69356f
- 60678e352f3c849e36413f5de51b5eeca1180840c818f9ece0a0da803eb205a5
- cad891ffdea6cdcf1fbe84ce490015f0a56b8cef7f386bc07c12adc67d6ecaaa
- 0dcbb7c7af77efd4a2b39f2303806fcd
- b27ff24870d93d651ee1d8e06276fa98
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for ransomhouse
- T1486 Data Encrypted for Impact
- T1490 Inhibit System Recovery
- T1078 Valid Accounts
- T1059 Command and Scripting Interpreter
- T1021 Remote Services
- T1021.001 Remote Desktop Protocol
- T1562 Impair Defenses
- T1547 Boot or Logon Autostart Execution
- T1080 Taint Shared Content
- T1003 OS Credential Dumping
Victims (66; first page of 4 shown)
| Company | Domain | Country | Industry | Status | Discovered |
|---|---|---|---|---|---|
| Karl Chevrolet | — | US United States | Retail & E-Commerce | Claimed | about 1 month ago |
| Cybersecurity Vendor | — | NA Namibia | Technology | Claimed | about 1 month ago |
| Star Energy Geothermal Salak | starenergy.co.id | ID Indonesia | Energy & Utilities | Claimed | about 1 month ago |
| Jiangsu Zenergy Battery Technologies Group Co., Ltd. | zenergy.cn | CN China | Energy & Utilities | Claimed | about 1 month ago |
| Winnitex (Americas) Limited | winnitex.com | US United States | Manufacturing | Claimed | about 2 months ago |
| Trellix (McAfee & FireEye) | — | US United States | Technology | Claimed | 27 days ago |
| Transaction Packing Inc | transactionpacking.com | US United States | Transportation | Claimed | about 2 months ago |
| [DISCLOSED] Accelerated Services | — | — | — | Claimed | about 2 months ago |
| [DISCLOSED] Bioptik Technology | — | TW Taiwan | Technology | Claimed | about 2 months ago |
| [DISCLOSED] Irec Sas | — | FR France | Hospitality | Claimed | 2 months ago |
| E&S Heating & Ventilation Ltd | — | — | — | Claimed | 2 months ago |
| J & N Stone | — | US United States | Manufacturing | Claimed | 2 months ago |
| Irec Sas | irec.fr | FR France | Hospitality | Claimed | 3 months ago |
| Bioptik Technology | bioptik.com.tw | TW Taiwan | Technology | Claimed | 3 months ago |
| Neinver | neinver.com | ES Spain | Hospitality | Claimed | 3 months ago |
| Accelerated Services | acceleratedhvac.com | US United States | Professional Services | Claimed | 3 months ago |
| [DISCLOSED] Assolim | — | BR Brazil | Manufacturing | Claimed | 5 months ago |
| [DISCLOSED] Soderstrom Architects, LTD | — | — | Professional Services | Claimed | 5 months ago |
| [DISCLOSED] Diaz Gill Medicina Laboratorial S.A. | — | — | Healthcare | Claimed | 5 months ago |
| [Weapons License] Warren County Sheriff’s Office | warrencountykysheriff.com | US United States | Government & Defense | Claimed | 4 months ago |
Affected countries (53)
Countries where this group has been reported to target or leak victims.