Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Underground

Underground ransomware is deployed by the Russia-based RomCom group (Storm-0978) and has victimized companies across multiple industries since July 2023 by exploiting CVE-2023-36884, encrypting files without changing extensions and deleting Volume Shadow Copies and Windows event logs in double-extortion campaigns.

Victims
26
 
First Discovered
2024-05-01
victim
Last Discovered
2025-08-15
victim
Inactive Since
272
days
Avg Delay
89.2
days
Infostealer
41.7%
victims with domain
Countries
11
hit
View Victims on World Map View Group Statistics
Attack Velocity — Last 12 months
Known Locations (2)
Favicon Title Type Available Last Visit Server Info FQDN
favicon SignIn | Chat No 2026-04-28T07:22:03 undgrddapc4reaunnrdrmnagvdelqfvmgycuvilgwb5uxm25sxawaoqd.onion
favicon All data | Underground store Yes 2026-05-14T00:45:19 NGINX nginx 47glxkuxyayqrvugfumgsblrdagvrah7gttfscgzn56eyss5wg3uvmqd.onion
Target
Top 5 Activity Sectors
  • Technology 7
  • Manufacturing 5
  • Healthcare 5
  • Business Services 5
  • Agriculture and Food Production 2
Top 5 Countries
  • US flag United States 9
  • KR flag Korea, Republic of 3
  • CA flag Canada 3
  • TW flag Taiwan, Province of China 2
  • DE flag Germany 2
Heatmap
Ransom Notes (1)
YARA Rules (1)
Victims (26)
Logo
SFA Engineering KR
Underground
Discovered: 2025-08-15 (9mo ago)
Revenue: $1.7 Billion Type: Industry Size: 2,3 TBytes…
Logo
GMORS Co., Ltd TW
Underground
Discovered: 2025-06-25 (10mo ago)
Revenue: $100 million Type: Manufacturing Size: 302,7 GBytes…
Logo
Afa Systems Ltd. CA
Underground
Discovered: 2025-04-16 (1y ago)  ·  Attack est.: 2025-02-13
Revenue: $37.2 million Type: Industry Size: 1,1 TBytes…
Logo
shengyusteel.com TW
Underground
Discovered: 2025-04-16 (1y ago)  ·  Attack est.: 2025-04-08
Revenue: $431.6 million Type: Manufacturing Size: 353,9 GBytes…
Logo
semex.com CA
Underground
Discovered: 2025-04-16 (1y ago)  ·  Attack est.: 2025-04-15
Revenue: $170 million Type: Research Size: 214,2 GBytes…
Logo
Simmtech Co., Ltd. KR
Underground
Discovered: 2024-12-16 (1y ago)
Revenue:$ 760M - Country :South Korea…
Logo
hcsgcorp.com US
Underground
Discovered: 2024-10-25 (1y ago)
Revenue:$1.7 Billion - Country :USA…
Logo
Casio Computer Co., Ltd JP
Underground
Discovered: 2024-10-10 (1y ago)  ·  Attack est.: 2024-10-09
Revenue:$1.858 billion - Country :Japan…
Logo
ramservices.com US
Underground
Discovered: 2024-07-03 (1y ago)
Revenue:$162M - Country :USA…
Logo
Ethypharm FR
Underground
Discovered: 2024-07-01 (1y ago)  ·  Attack est.: 2024-06-20
Revenue:$ 670M - Country :France…
Logo
A-Line Staffing Solutions US
Underground
Discovered: 2024-06-17 (1y ago)  ·  Attack est.: 2024-05-24
Revenue:$96.1M - Country :USA…
Logo
belcherpharma.com US
Underground
Discovered: 2024-06-12 (1y ago)  ·  Attack est.: 2024-05-04
Revenue:$25.7M - Country :USA…
Logo
CentralSecurities.com US
Underground
Discovered: 2024-06-11 (1y ago)  ·  Attack est.: 2024-05-15
Revenue:$230M - Country :USA…
Logo
www.belcherpharma.com US
Underground
Discovered: 2024-05-17 (1y ago)  ·  Attack est.: 2024-05-04
Revenue:$25.7M - Country :USA…
Logo
kc.co.kr KR
Underground
Discovered: 2024-05-03 (2y ago)  ·  Attack est.: 2024-02-23
Revenue:$650M - Country :South Korea…
Logo
bulldogbag.com CA
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2023-07-14
Revenue:$20.6M - Country :Canada…
Logo
frenckengroup.com SG
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2023-07-18
Revenue:$50.0M - Country :Singapore…
Logo
synology.com DE
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2023-05-30
Revenue:$183.6M - Country :Germany, Taiwan…
Logo
tpa-group.sk SK
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2023-07-04
Revenue:tpa-group.com $281M; tpa-group.sk $15M - Country :Slovakia…
Logo
Triathlon.group DE
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-01-26
Revenue:$176M - Country :Australia, Germa...…
Logo
awwg.com ES
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-01-25
Revenue:€585M - Country :France, Spain, U...…
Logo
KyungChang
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-03-06
Revenue:$650M - Country :South Korea…
Logo
Y. Hata & Co., Ltd. US
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-03-14
Revenue:$268M - Country :USA…
Logo
Skender Construction US
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-03-21
Revenue:$318.3 Million - Country :USA…
Logo
Creative Business Interiors US
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-03-17
Revenue:$27M - Country :USA…
Logo
cochraneglobal.com AE
Underground
Discovered: 2024-05-01 (2y ago)  ·  Attack est.: 2024-04-15
Revenue:$270.8 Million - Country :United Arab Emir...…