Back to Threat Groups

underground

ACTIVE

ransomware group

πŸ‡·πŸ‡ΊRussia

Underground ransomware (also known as Underground Team) is a Russia-linked group associated with the RomCom RAT threat cluster, assessed to be connected to the Void Rabisu/Cuba ransomware operation. Active since late 2023, the group targets Windows systems and is notable for not encrypting files but instead threatening to publish stolen data. Researchers at Trend Micro linked the Underground group to infrastructure and tooling shared with RomCom campaigns attributed to Russian state-adjacent actors.

Victims
25
records
First Discovered
May 1, 2024
victim
Last Discovered
Aug 15, 2025
victim
Inactive Since
315
days
Countries
13
hit
Avg Discount
β€”
no settlements

Group Activity

Last 12 months
Jul
2025
1
Aug
2025
Sep
2025
Oct
2025
Nov
2025
Dec
2025
Jan
2026
Feb
2026
Mar
2026
Apr
2026
May
2026
Jun
2026

Victims (25)

SFA Engineering

undergroundπŸ‡°πŸ‡· KR
Aug 15, 2025

Revenue: $1.7 Billion Type: Industry Size: 2,3 TBytes

Technology3.0Published
sfa.co.kr

GMORS Co., Ltd

undergroundπŸ‡°πŸ‡· KR
Jun 25, 2025

Revenue: $100 million Type: Manufacturing Size: 302,7 GBytes

Manufacturing3.0Published
samhwa.com

Afa Systems Ltd.

undergroundπŸ‡¨πŸ‡¦ CA
Apr 16, 2025

Revenue: $37.2 million Type: Industry Size: 1,1 TBytes

Technology3.0Published
afasystemsinc.com

shengyusteel.com

undergroundπŸ‡ΉπŸ‡Ό TW
Apr 16, 2025

Revenue: $431.6 million Type: Manufacturing Size: 353,9 GBytes

Manufacturing3.0Published
shengyusteel.com

semex.com

undergroundπŸ‡¨πŸ‡¦ CA
Apr 16, 2025

Revenue: $170 million Type: Research Size: 214,2 GBytes

Agriculture and Food Production3.0Published
semex.com

Simmtech Co., Ltd.

undergroundπŸ‡¨πŸ‡³ CN
Dec 16, 2024

Revenue:$ 760M - Country :South Korea

Manufacturing3.0Published
simmtech.com

hcsgcorp.com

undergroundπŸ‡ΊπŸ‡Έ US
Oct 25, 2024

Revenue:$1.7 Billion - Country :USA

Healthcare3.0Published
hcsgcorp.com

Casio Computer Co., Ltd

undergroundπŸ‡―πŸ‡΅ JP
Oct 10, 2024

Revenue:$1.858 billion - Country :Japan

Technology3.0Published
casio.co.jp

ramservices.com

undergroundπŸ‡ΊπŸ‡Έ US
Jul 3, 2024

Revenue:$162M - Country :USA

Business Services3.0Published
ramservices.com

Ethypharm

undergroundπŸ‡«πŸ‡· FR
Jul 1, 2024

Revenue:$ 670M - Country :France

Healthcare3.0Published
ethypharm.com

A-Line Staffing Solutions

undergroundπŸ‡ΊπŸ‡Έ US
Jun 17, 2024

Revenue:$96.1M - Country :USA

Healthcare3.0Published
alinestaffing.com

belcherpharma.com

undergroundπŸ‡ΊπŸ‡Έ US
Jun 12, 2024

Revenue:$25.7M - Country :USA

Healthcare3.0Published
belcherpharma.com

CentralSecurities.com

undergroundπŸ‡ΊπŸ‡Έ US
Jun 11, 2024

Revenue:$230M - Country :USA

Financial3.0Published
centralsecurities.com

kc.co.kr

undergroundπŸ‡°πŸ‡· KR
May 3, 2024

Revenue:$650M - Country :South Korea

Technology3.0Published
kc.co.kr

bulldogbag.com

undergroundπŸ‡¨πŸ‡¦ CA
May 1, 2024

Revenue:$20.6M - Country :Canada

Manufacturing3.0Published
bulldogbag.com

frenckengroup.com

undergroundπŸ‡ΈπŸ‡¬ SG
May 1, 2024

Revenue:$50.0M - Country :Singapore

Manufacturing3.0Published
frenckengroup.com

synology.com

undergroundπŸ‡©πŸ‡ͺ DE
May 1, 2024

Revenue:$183.6M - Country :Germany, Taiwan

Technology3.0Published
synology.com

tpa-group.sk

undergroundπŸ‡ΈπŸ‡° SK
May 1, 2024

Revenue:tpa-group.com $281M; tpa-group.sk $15M - Country :Slovakia

Business Services3.0Published
tpa-group.sk

Triathlon.group

undergroundπŸ‡©πŸ‡ͺ DE
May 1, 2024

Revenue:$176M - Country :Australia, Germa...

Transportation/Logistics3.0Published
triathlon.group

awwg.com

undergroundπŸ‡ͺπŸ‡Έ ES
May 1, 2024

Revenue:€585M - Country :France, Spain, U...

Business Services3.0Published
awwg.com

KyungChang

underground
May 1, 2024

Revenue:$650M - Country :South Korea

Manufacturing3.0Published

Y. Hata & Co., Ltd.

undergroundπŸ‡ΉπŸ‡­ TH2 groups: alphv, lorenz
May 1, 2024

Revenue:$268M - Country :USA

Agriculture and Food Production3.0Published
sunwardpharma.com

Skender Construction

undergroundπŸ‡ΊπŸ‡Έ US
May 1, 2024

Revenue:$318.3 Million - Country :USA

Business Services3.0Published
skender.com

Creative Business Interiors

undergroundπŸ‡ΊπŸ‡Έ US
May 1, 2024

Revenue:$27M - Country :USA

Business Services3.0Published
creativebusinessinteriors.com

cochraneglobal.com

undergroundπŸ‡¦πŸ‡ͺ AE
May 1, 2024

Revenue:$270.8 Million - Country :United Arab Emir...

Technology3.0Published
cochraneglobal.com

Infrastructure

leak_site
ONLINE
http://47glxkuxyayqrvugfumgsblrdagvrah7gttfscgzn56eyss5wg3uvmqd.onion

2783ms

22d ago