Sicarii

Inactive
Sicarii is a pro-Israeli/Jewish-branded ransomware-as-a-service operation that emerged in late 2025, explicitly targeting Arab and Muslim-majority organizations while avoiding Israeli systems, exploiting exposed RDP services and Fortinet devices, with its admin later instructing operators to migrate to the BQTLock platform.
1 Victims
Jan 5, 2026 First Discovered
Jan 5, 2026 Last Discovered
164 Days Inactive
0% Infostealer
0/2 Sites Online
Top Countries
US 1
Top Sectors
Manufacturing 1
Known Locations (2)
404 Not Found
sicarilxx2br6esqnhad4w26bcgb5j2snbbnhyo4b6t7kby2oy4x3jad.onion
403 Forbidden
sicari7zpu3mtxqggde7mu3ywppntdqg22arcukvlaihjbfcb2rnktid.onion
Victims (1)
Triad Packaging
US Manufacturing Discovered: Jan 5, 2026 · Attack est.: Jan 5, 2026
חברת Triad Packaging סבלה מהדלפת נתונים גדולה. 102 גיגה-בייט של נתונים רגישים נגנבו כולל מסמכים פנימיים, רישומים פיננסיים, ומידע לקוחות. הנתונים יפורסמו בעוד: קבצים אלה ישמשו כהוכחה לנתונים שהתקבלו. כל...
Source: Ransomware.live | Data cached and served by Digital Checkmark IT Services | Ransomware Tracker