spacebears

Ransomware group profile

61Victims

RussiaSource country

68Impact score

Description

SpaceBears is a ransomware group that primarily focuses on high-profile cyberattacks across various industries. Known for employing sophisticated tactics, they utilize advanced encryption and double extortion methods while also operating as a data broker. Their operations have a global reach, making significant impacts on targeted organizations.

Key insights

•Employs double extortion tactics by encrypting data and threatening to publish it online.
•Targets a wide range of sectors, including healthcare and energy, capitalizing on vulnerabilities related to ongoing events like the COVID-19 pandemic.
•Gains initial access through social engineering, phishing, and exploiting known software vulnerabilities.
•Adopts zero-day vulnerabilities for breaches, indicating a shift towards more advanced hacking techniques.
•Ransom demands are typically high, reflecting their focus on financial gain through data exfiltration.

Industries

Energy & Utilities Financial Services Government & Defense Healthcare Hospitality Manufacturing Other Professional Services Retail & E-Commerce Technology Transportation

Threat Level & Status Breakdown

For spacebears · Based on incidents in selected period

2.8threat level

Aggressiveness5/ 10

Lethality0.5/ 10

Criticality3/ 10

Status Breakdown

Data Leaked9.8%6

Claimed90.2%55

First seenJul 2025

Last seenJun 2026

Avg ransom—

Payment rate—

Statusactive

Sophistication0

Last updatedJun 23, 2026

Recent activity

Monthly attack count for spacebears in the selected period

61Total attacks

10peak in May

5.1avg / month

↑ 2 vs first month

No intelligence data for this group.

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for spacebears

Other

T1486

T1490

T1078

T1041

T1562

T1021

T1059

T1021.001

T1105

T1033

T1110

T1583

Victims(61)

Company	Domain	Country	Industry	Status	Discovered
Chebib Control	chebib.com.br	BR Brazil	Professional Services	Claimed	8 days ago
Sicol	sicol.com.br	BR Brazil	Manufacturing	Claimed	21 days ago
ECOVACS	ecovacs.com	CN China	Retail & E-Commerce	Claimed	9 days ago
Stellar	stellar.tc	FR France	—	Claimed	23 days ago
BASE SPA	basespa.com	IT Italy	Professional Services	Claimed	about 1 month ago
Gerencial	gerencialcontabil.com.br	BR Brazil	Professional Services	Claimed	8 days ago
Hunter	hunter.io	IE Ireland	Technology	Claimed	about 1 month ago
Cattani	cattani.it	IT Italy	Healthcare	Claimed	15 days ago
Filabé	filabe.ch	CH Switzerland	Other	Claimed	about 1 month ago
Lösing Filtertechnik	loesing-filter.de	DE Germany	Manufacturing	Claimed	15 days ago
Ridge Law Firm	ridgelawfirm.com	US United States	Professional Services	Claimed	29 days ago
Geske Haus- und Versorgungstechnik GmbH	geske-shk.de	DE Germany	Manufacturing	Claimed	22 days ago
Gestordes	gestordes.es	ES Spain	Professional Services	Claimed	29 days ago
Johnson & Johnson Innovative Medicine	jnj.com	US United States	Healthcare	Claimed	about 2 months ago
Asaniverko	asaniverko.be	BE Belgium	Professional Services	Claimed	2 months ago
Ultimate Metals	ultimatemetals.com	GB United Kingdom	Manufacturing	Claimed	2 months ago
SmilePoint Dental Group	smilepoint.us	US United States	Healthcare	Claimed	about 1 month ago
Erla Technologies SAS	erla.fr	FR France	Technology	Claimed	about 2 months ago
Brooklands of Mornington	brooklandsofmornington.com.au	AU Australia	Hospitality	Claimed	3 months ago
AbelZeta	abelzeta.com	BA Bosnia and Herzegovina	Healthcare	Claimed	4 months ago

Page 1 of 4