thegentlemen
Ransomware group profile
480Victims
RussiaSource country
89Impact score
Also Known As
The Gentlemen Ransomware
the gentlemen
Description
The Gentlemen is a financially motivated ransomware-as-a-service group that emerged in early 2023 and gained significant prominence by 2025. They utilize a double-extortion model, encrypting data while threatening to leak sensitive information, often accelerating pressure tactics without extensive negotiations.
Key insights
- •Targets primarily sectors like healthcare, technology, and construction, avoiding Commonwealth of Independent States entities.
- •Initial access often gained through exploitation of CVE-2024-55591 in FortiOS and FortiProxy devices.
- •Employs advanced tactics including BYOVD attacks for evasion and a pre-ransomware script to disable security measures.
- •Maintains a database of compromised credentials to enhance targeting and operational effectiveness.
- •Demonstrates a preference for rapid data publication to maximize pressure on victims.
Threat Level & Status Breakdown
For thegentlemen · Based on incidents in selected period
4.2threat level
Aggressiveness10/ 10
Lethality0.1/ 10
Criticality2.2/ 10
Status Breakdown
Data Leaked0.6%3
Negotiating0.4%2
Claimed65.2%313
First seenJun 2025
Last seenJun 2026
Avg ransom—
Payment rate—
Statusactive
Sophistication0
Last updatedJun 23, 2026
Recent activity
Monthly attack count for thegentlemen in the selected period
480Total attacks
98peak in Apr
36.9avg / month
↑ 69 vs first month
Intelligence
IOCs, YARA/Sigma rules, and related families for thegentlemen
- 7e366683f1d175278feefaaa35d87e87076931974506b9f373a775a428c28f10
TTPs & Attack Vectors
Tools, initial access, and MITRE ATT&CK techniques for thegentlemen
CVE-2025-7771
CVE-2025-33073
CVE-2025-32433
CVE-2024-55591
CVE-2024-37085
CVE-2023-27532
Other
T1486
T1486
T1490
T1490
T1078
T1078
T1068
T1068
T1059
T1059
T1562
T1562
T1021
T1021
T1021.001
T1021.001
T1047
T1047
T1218
T1218
T1550
T1550
T1555
T1555
Victims(200)
| Company | Domain | Country | Industry | Status | Discovered | |
|---|---|---|---|---|---|---|
| Athens Orthopedic Clinic | athensorthopedicclinic.com | GR Greece | Healthcare | Unknown | 5 days ago | |
| hiddenn | — | — | — | Unknown | 5 days ago | |
| Al Khaja Holding | alkhajaholding.com | AE United Arab Emirates | Professional Services | Unknown | 5 days ago | |
| Cofaq | cofaq.fr | FR France | Retail & E-Commerce | Unknown | 5 days ago | |
| Sertrans | sertrans.es | ES Spain | Transportation | Unknown | 5 days ago | |
| Burris MacOmber | burrismacomber.com | US United States | Professional Services | Unknown | 5 days ago | |
| Yudu Technology | yudutek.com | SG Singapore | Technology | Unknown | 5 days ago | |
| Amigest | amigest.fr | FR France | Other | Unknown | 5 days ago | |
| Ty Thac Co | tythac.com.vn | VN Vietnam | Manufacturing | Unknown | 5 days ago | |
| TERRIO Therapy Fitness | terriotherapy.com | MX Mexico | Retail & E-Commerce | Unknown | 5 days ago | |
| SGS Malaysia | sgsmalaysia.com | MY Malaysia | Professional Services | Unknown | 5 days ago | |
| Alexander Buch Bilanzbuchhalter | buch-bilanzbuchhalter.de | DE Germany | Professional Services | Unknown | 5 days ago | |
| Vera Chimie Management | verachimie.fr | FR France | Manufacturing | Unknown | 5 days ago | |
| Buechel Stone | buechelstone.com | US United States | Manufacturing | Unknown | 10 days ago | |
| Maine Oxy | maineoxy.com | US United States | Energy & Utilities | Unknown | 10 days ago | |
| Cole Manufacturing | colemfg.com | US United States | Manufacturing | Unknown | 10 days ago | |
| Kozminski University | kozminski.edu.pl | PL Poland | Education | Unknown | 10 days ago | |
| Constructions Piraino | piraino.fr | FR France | Other | Unknown | 10 days ago | |
| Fecovita | fecovita.com | AR Argentina | Other | Unknown | 10 days ago | |
| Traublinger | traublinger.de | DE Germany | Manufacturing | Unknown | 10 days ago |
Page 1 of 10
Affected countries(89)
Countries where this group has been reported to target or leak victims.
🇦🇪United Arab Emirates🇦🇷Argentina🇦🇹Austria🇦🇺Australia🇧🇩Bangladesh🇧🇪Belgium🇧🇷Brazil🇨🇦Canada🇨🇭SwitzerlandCôte d'Ivoire🇨🇱Chile🇨🇳China🇨🇴Colombia🇨🇿Czech Republic🇩🇪Germany🇩🇰Denmark🇩🇴Dominican Republic🇩🇿Algeria🇪🇨Ecuador🇪🇬Egypt🇪🇸Spain🇫🇯Fiji🇫🇷France🇬🇧United Kingdom🇬🇭Ghana🇬🇲GambiaGuadeloupe🇬🇷Greece🇬🇹Guatemala🇭🇰Hong Kong🇭🇳Honduras🇭🇷Croatia🇭🇹Haiti🇭🇺Hungary🇮🇩Indonesia🇮🇪Ireland🇮🇱Israel🇮🇳India🇮🇶Iraq🇮🇸Iceland🇮🇹Italy🇯🇲Jamaica🇯🇴Jordan🇯🇵Japan🇰🇪KenyaKorea, Republic of🇰🇼Kuwait🇱🇧Lebanon🇱🇨Saint Lucia🇱🇺Luxembourg🇲🇦Morocco🇲🇬Madagascar🇲🇹Malta🇲🇺Mauritius🇲🇽Mexico🇲🇾Malaysia🇳🇬Nigeria🇳🇱Netherlands🇳🇵Nepal🇳🇿New Zealand🇴🇲Oman🇵🇦Panama🇵🇪Peru🇵🇬Papua New Guinea🇵🇭Philippines🇵🇰Pakistan🇵🇱PolandPuerto Rico🇵🇹Portugal🇵🇾Paraguay🇶🇦Qatar🇷🇴RomaniaRussian Federation🇸🇦Saudi Arabia🇸🇨Seychelles🇸🇪Sweden🇸🇬Singapore🇸🇳Senegal🇸🇻El Salvador🇹🇭Thailand🇹🇳Tunisia🇹🇷TurkeyTaiwan, Province of China🇺🇦Ukraine🇺🇸United States🇺🇾UruguayVenezuela, Bolivarian Republic of🇻🇳Vietnam🇿🇦South Africa