Underground ransomware is deployed by the Russia-based RomCom group (Storm-0978) and has victimized companies across multiple industries since July 2023 by exploiting CVE-2023-36884, encrypting files without changing extensions and deleting Volume Shadow Copies and Windows event logs in double-extortion campaigns.
26
Victims
May 1, 2024
First Discovered
Aug 15, 2025
Last Discovered
261
Days Inactive
16.7%
Infostealer
1/2
Sites Online
Victims (26)
SFA Engineering
KR
Technology
Discovered: Aug 15, 2025 · Attack est.: Aug 15, 2025
Revenue: $1.7 Billion Type: Industry Size: 2,3 TBytes
GMORS Co., Ltd
TW
Manufacturing
Discovered: Jun 25, 2025 · Attack est.: Jun 25, 2025
Revenue: $100 million Type: Manufacturing Size: 302,7 GBytes
semex.com
CA
Agriculture and Food Production
Discovered: Apr 16, 2025 · Attack est.: Apr 15, 2025
Revenue: $170 million Type: Research Size: 214,2 GBytes
shengyusteel.com
TW
Manufacturing
Discovered: Apr 16, 2025 · Attack est.: Mar 29, 2025
Revenue: $431.6 million Type: Manufacturing Size: 353,9 GBytes
Afa Systems Ltd.
CA
Technology
Discovered: Apr 16, 2025 · Attack est.: Feb 13, 2025
Revenue: $37.2 million Type: Industry Size: 1,1 TBytes
Simmtech Co., Ltd.
KR
Technology
Discovered: Dec 16, 2024 · Attack est.: Dec 16, 2024
Revenue:$ 760M - Country :South Korea
hcsgcorp.com
US
Healthcare
Discovered: Oct 25, 2024 · Attack est.: Oct 25, 2024
Revenue:$1.7 Billion - Country :USA
Casio Computer Co., Ltd
JP
Technology
Discovered: Oct 10, 2024 · Attack est.: Oct 4, 2024
Revenue:$1.858 billion - Country :Japan
ramservices.com
US
Business Services
Discovered: Jul 3, 2024 · Attack est.: Jul 3, 2024
Revenue:$162M - Country :USA
Ethypharm
FR
Healthcare
Discovered: Jul 1, 2024 · Attack est.: Jun 19, 2024
Revenue:$ 670M - Country :France
A-Line Staffing Solutions
US
Healthcare
Discovered: Jun 17, 2024 · Attack est.: May 23, 2024
Revenue:$96.1M - Country :USA
CentralSecurities.com
US
Financial Services
Discovered: Jun 11, 2024 · Attack est.: May 14, 2024
Revenue:$230M - Country :USA
belcherpharma.com
US
Healthcare
Discovered: Jun 12, 2024 · Attack est.: May 3, 2024
Revenue:$25.7M - Country :USA
www.belcherpharma.com
US
Healthcare
Discovered: May 17, 2024 · Attack est.: May 3, 2024
Revenue:$25.7M - Country :USA
cochraneglobal.com
AE
Technology
Discovered: May 1, 2024 · Attack est.: Apr 14, 2024
Revenue:$270.8 Million - Country :United Arab Emir...
Skender Construction
US
Business Services
Discovered: May 1, 2024 · Attack est.: Mar 20, 2024
Revenue:$318.3 Million - Country :USA
Creative Business Interiors
US
Business Services
Discovered: May 1, 2024 · Attack est.: Mar 16, 2024
Revenue:$27M - Country :USA
Y. Hata & Co., Ltd.
US
Agriculture and Food Production
Discovered: May 1, 2024 · Attack est.: Mar 13, 2024
Revenue:$268M - Country :USA
KyungChang
Manufacturing
Discovered: May 1, 2024 · Attack est.: Mar 6, 2024
Revenue:$650M - Country :South Korea
kc.co.kr
KR
Technology
Discovered: May 3, 2024 · Attack est.: Feb 22, 2024
Revenue:$650M - Country :South Korea
Triathlon.group
DE
Transportation/Logistics
Discovered: May 1, 2024 · Attack est.: Jan 25, 2024
Revenue:$176M - Country :Australia, Germa...
awwg.com
ES
Business Services
Discovered: May 1, 2024 · Attack est.: Jan 24, 2024
Revenue:€585M - Country :France, Spain, U...
frenckengroup.com
SG
Manufacturing
Discovered: May 1, 2024 · Attack est.: Jul 18, 2023
Revenue:$50.0M - Country :Singapore
bulldogbag.com
CA
Manufacturing
Discovered: May 1, 2024 · Attack est.: Jul 14, 2023
Revenue:$20.6M - Country :Canada
tpa-group.sk
SK
Business Services
Discovered: May 1, 2024 · Attack est.: Jul 3, 2023
Revenue:tpa-group.com $281M; tpa-group.sk $15M - Country :Slovakia
synology.com
DE
Technology
Discovered: May 1, 2024 · Attack est.: May 29, 2023
Revenue:$183.6M - Country :Germany, Taiwan