securotrop

Ransomware group profile

32Victims

38Impact score

Description

Securotrop is a ransomware group that emerged in March 2026, evolving from the Qilin ransomware gang. They primarily engage in financial extortion using a double-extortion model that includes data exfiltration and threatening to publish stolen data if ransoms are not paid.

Key insights

•Utilizes a double-extortion model involving data exfiltration and encryption of victim systems.
•Threatens to publish sensitive client and employee information on a leak site.
•Can exfiltrate large volumes of data, ranging from hundreds of gigabytes to over two terabytes.
•Targets diverse sectors and employs effective compromise vectors for breaches.
•Motivated primarily by financial gain through extortion.

Industries

Financial Services Hospitality Manufacturing Other Professional Services Retail & E-Commerce Technology Transportation

Threat Level & Status Breakdown

For securotrop · Based on incidents in selected period

2.3threat level

Aggressiveness6/ 10

Lethality0/ 10

Criticality0.6/ 10

Status Breakdown

Claimed100.0%32

First seenJun 2025

Last seenJun 2026

Avg ransom—

Payment rate—

Statusactive

Sophistication0

Last updatedJun 6, 2026

Recent activity

Monthly attack count for securotrop in the selected period

32Total attacks

5peak in Jun

2.7avg / month

↓ 4 vs first month

Intelligence

IOCs, YARA/Sigma rules, and related families for securotrop

d520d06d78afcad2e03842cb8db4622d18b92739e89dfb8dadf5743f30dcd903
e75e5778e71e062ce4a7af673f0b2513854d2367fee0f01a26c0c998863bdf6e
eae09889399fe4fb8e78b114dba0527de913d12fb1802944a88ed136e3e90577
94f73b5dc06ba6705fcef3e759413a747049c2949a0c2e44afc03b2f9989cf73

View full IOC feed500 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for securotrop

Other

T1486

T1490

T1041

T1562

T1078

T1021

T1021.001

T1561

T1059

T1547

Victims(54)

Company	Domain	Country	Industry	Status	Discovered
Kriete Truck Centers	krietetrucks.com	US United States	Transportation	Claimed	1 day ago
Thompson Builders Corporation	tbcorp.com	US United States	Other	Claimed	about 1 month ago
Synergy Engineering	—	US United States	Professional Services	Claimed	about 2 months ago
Tax Prep and More	—	US United States	Financial Services	Claimed	about 2 months ago
Jones Haber Law	—	US United States	Professional Services	Claimed	about 2 months ago
Universal Mailing Service	umsmail.com	US United States	Manufacturing	Claimed	4 months ago
Marshal Renee Construction	marshalrenee.com	US United States	Manufacturing	Claimed	4 months ago
Living Realty	livingrealty.com	CA Canada	Manufacturing	Claimed	5 months ago
Spartan Carbide	spartancarbide.com	US United States	Manufacturing	Claimed	6 months ago
Cadman Power Equipment	cadmanpower.com	CA Canada	Manufacturing	Claimed	6 months ago
Delta Coast Consultants	deltacoastllc.com	US United States	Manufacturing	Claimed	6 months ago
Mister Guns	misterguns.com	US United States	Manufacturing	Claimed	7 months ago
Pocatello Ready Mix	horrocksreadymix.com	US United States	Manufacturing	Claimed	7 months ago
Superior Air Parts	superiorairparts.com	US United States	Manufacturing	Claimed	8 months ago
Churchill Claims Services	churchill-claims.com	US United States	Manufacturing	Claimed	8 months ago
Mill Bay Marine Group	mbmg.ca	CA Canada	Manufacturing	Claimed	8 months ago
Structural Component Systems	scstruss.com	US United States	Manufacturing	Claimed	8 months ago
Allardyce Bower Consulting	abcengineering.ca	CA Canada	Manufacturing	Claimed	8 months ago
Weschler's Auctioneers	weschlers.com	US United States	Manufacturing	Claimed	8 months ago
JW Howard Attorneys	jwhowardattorneys.com	US United States	Manufacturing	Claimed	8 months ago

Page 1 of 3

Affected countries(6)

Countries where this group has been reported to target or leak victims.

🇧🇷Brazil 🇨🇦Canada 🇨🇭Switzerland 🇬🇧United Kingdom Russian Federation 🇺🇸United States