Arsenal Exploits TTP Matrix KillChain Mapa SSLBL

ms13089

2 incidentes 2 paises 2 sectores ransomware Ultimo: 2026-05-05

ms13089 is a ransomware group that emerged in December 2025, primarily motivated by financial gain through data encryption and exfiltration. The group distinguishes itself by employing a double extortion model, threatening to publish sensitive stolen data if ransom demands are not met. Notably, the group named itself after a 2013 Microsoft Security Bulletin, MS13-089. There is limited public information available regarding its specific origin or any notable evolution in its operational structure.

RansomLook pivots

Data, inteligencia y referencias externas para contrastar actividad ransomware del actor.

Abrir perfil →

Data

Recent Browse Trending Stats

Intel

Group URLs Crypto Leaks Notes Analyses Torrents

Info

API Glossary About

Victimas

TTPs unicas

Info robada historica

N/D

Rescates reclamados

N/D

Pagos detectados

N/D

Paises afectados

United States (1)

Luxembourg (1)

Paises objetivo (SOCRadar)

Germany

France

United Kingdom

Italy

Luxembourg

United States

Sectores atacados

Consumer Services (1) Business Services (1)

Sectores objetivo (SOCRadar)

Construction of BuildingsHospitalsAccommodationManufacturingConstructionEducational ServicesEnergy & Utilities Accommodation&Food ServicesTelecommunicationsTransportation&Warehousing

Victimas (2)

brittanyresidential.com5 May 2026

Ransomware

United States Consumer Services

Resumen Una alerta de ransomware fue detectada en brittanyresidential.com, una organización dedicada a apoyar a personas con discapacidades desarrolla…

sjl-legal.com15 Jan 2026

Ransomware

Luxembourg Business Services

Resumen sjl-legal.com ha sido identificada como una víctima de un ataque de ransomware asociado al grupo ms13089. La alerta se publicó el 2026-01-15, …