spook

1 incident, 1 country, 1 sector; ransomware; Latest: 2026-06-25
Spook is a ransomware group that emerged in late September 2021 and operated for a brief period, concluding its activity by October 2021. The group utilizes ransomware samples generated by the Thanos builder, a tool sold on underground forums, and shares significant code similarities with the Prometheus ransomware family. Spook's primary motivation is financial gain, achieved through a double extortion model that involves encrypting victim data and threatening its public release. A distinctive characteristic of Spook is its practice of publishing details of all compromised organizations on its leak site, irrespective of whether the ransom demands are met. The group's activities indicate a focus on manufacturing, financial, and retail sectors.
MITRE techniques
T1486, T1078, T1105, T1562

RansomLook pivots

Data, intelligence and external references for cross-checking the actor's ransomware activity.

Victims: 0
Unique TTPs: 0
Historical stolen data: N/A
Ransoms claimed: N/A
Payments detected: N/A

Affected countries

United States (1)

Targeted countries (SOCRadar)

Argentina; Austria; Belgium; Brazil; China; Spain; France; United Kingdom; Hungary; Iran, Islamic Republic of

Attacked sectors

Manufacturing (1)

Targeted sectors (SOCRadar)

Construction of Buildings; Food Manufacturing; Other Information Services; Enterprises & Holding; Accommodation; Manufacturing; Construction; Electrical Equipment, Appliance, and Component Manufacturing; Public Administration; Educational Services

New URLs detected in IntelTracker

ransomware.anggipradana.com