Ransomware Threat Intelligence
Real-time ransomware threat monitoring with comprehensive victim tracking, active group analysis, and cybersecurity intelligence from authentic sources.
Victim Intelligence
Latest verified victim disclosures and statistics
15870
Total Verified Victims
0
Reported Incidents
6
Active Groups Tracked
Recent Victim Disclosures
Last 10 reported| Organization | Group | Country | Discovered | Status |
|---|---|---|---|---|
|
TBN Israel Hacked
|
handala | Unknown | 2025-06-16 | Active |
|
CNPC USA
|
rhysida | Unknown | 2025-06-16 | Active |
|
Jasper Products
|
play | Unknown | 2025-06-16 | Active |
|
NF Stroth & Associates
|
play | Unknown | 2025-06-16 | Active |
|
S&H Express
|
play | Unknown | 2025-06-15 | Active |
|
Israel’s fuel supply system Data
|
handala | Unknown | 2025-06-15 | Active |
|
Israel’s fuel supply system Hacked
|
handala | Unknown | 2025-06-14 | Active |
|
NPD Products
|
play | Unknown | 2025-06-14 | Active |
|
Y.G. New Idan Hacked
|
handala | Unknown | 2025-06-14 | Active |
|
099 ISP Hacked
|
handala | Unknown | 2025-06-14 | Active |
Global Threat Intelligence Map
Interactive visualization of ransomware activity worldwide
Threat Intelligence Analytics
Geographic and sector distribution of ransomware incidents
Top Affected Countries
| Rank | Country | % of Total |
|---|---|---|
| 1 | United States | 41.1% |
| 2 | United Kingdom | 21.4% |
| 3 | Germany | 16.1% |
| 4 | France | 14.1% |
| 5 | Spain | 4.8% |
| 6 | Italy | 1.7% |
| 7 | Netherlands | 0.8% |
Top Affected Sectors
| Rank | Industry Sector | % of Total |
|---|---|---|
| 1 | Technology | 18.6% |
| 2 | Education | 16.4% |
| 3 | Healthcare | 11.7% |
| 4 | Legal | 11.4% |
| 5 | Financial | 11.1% |
| 6 | Energy | 10.6% |
| 7 | Construction | 8.0% |
| 8 | Transportation | 5.6% |
| 9 | Manufacturing | 4.2% |
| 10 | Retail | 2.4% |
Most Active Ransomware Groups
Top threat actors by victim count
Kuiper
Kuiper is a ransomware group tracked by RansomLook. This group conducts ransomware operations and maintains a data leak site for victim extortion.
Teamxxx
Teamxxx is a ransomware group tracked by RansomLook. This group conducts ransomware operations and maintains a data leak site for victim extortion.
Deathransom
Deathransom is a ransomware group tracked by RansomLook. This group conducts ransomware operations and maintains a data leak site for victim extortion...
Mydata
Mydata is a ransomware group tracked by RansomLook. This group conducts ransomware operations and maintains a data leak site for victim extortion.
Darkbit
Darkbit is a ransomware variant with 1 sample ransom notes in our database.
Abyss-Data
Abyss-Data is a ransomware group tracked by RansomLook. This group conducts ransomware operations and maintains a data leak site for victim extortion.
Latest Cybersecurity News
Recent ransomware and cybersecurity incidents
Startup Spotlight: Twine Security Tackles the Execution Gap
The company, one of four finalists in this year's Black Hat USA Startup Spotlight competition, uses multi-agent system t...
Predator Spyware Sample Indicates 'Vendor-Controlled' C2
Researchers detailed how Intellexa, Predator's owner, uses failed deployments and thwarted infections to strengthen its ...
Winter Olympics Could Share Podium With Cyberattackers
The upcoming Winter Games in the Italian Alps are attracting both hacktivists looking to reach billions of people and st...
Vulnerabilities Surge, But Messy Reporting Blurs Picture
MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...
Trio of Critical Bugs Spotted in Delta Industrial PLCs
Experts disagree on whether the vulnerabilities in a programmable logic controller from Delta are a five-alarm fire or n...