Arsenal Exploits TTP Matrix KillChain Mapa Actores SSLBL RansomLook Ransomwhere Alertas CyberNews

tridentlocker

5 incidentes 3 paises 4 sectores ransomware Ultimo: 2026-06-25

TridentLocker is a ransomware group that first surfaced in late November 2025, primarily motivated by financial gain through double-extortion tactics. This group distinguishes itself by targeting organizations that manage substantial volumes of regulated or third-party data, including government services, telecommunications, and engineering firms. Its operations involve publicly posting detailed victim profiles and countdown timers on its dark web leak site to exert pressure and hasten ransom payments. TridentLocker operates as a ransomware-as-a-service (RaaS) group and has been observed identifying itself as a data broker.

RansomLook pivots

Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.

Abrir perfil →

Data

Recent Browse Trending Stats

Intel

Group URLs Crypto Leaks Notes Analyses Torrents

Info

API Glossary About

Victimas

TTPs unicas

Info robada historica

N/D

Rescates reclamados

N/D

Pagos detectados

N/D

Paises afectados

United Kingdom (3)

United States (1)

Japan (1)

Paises objetivo (SOCRadar)

Belgium

Canada

China

Spain

France

United Kingdom

Hong KongIraqIran, Islamic Republic of

Japan

Sectores atacados

Technology (1) Business Services (1) Energy (1) Government (1)

Sectores objetivo (SOCRadar)

Construction of BuildingsFood ManufacturingOther Information ServicesSoftware PublishersAccommodationManufacturingConstructionElectrical Equipment, Appliance, and Component ManufacturingPublic AdministrationAdministrative &Waste Management