Sicarii is a Ransomware-as-a-Service (RaaS) operation that first emerged in December 2025, distinguishing itself through its explicit Israeli and Jewish branding, including Hebrew language and symbols like the Haganah emblem. While it outwardly presents an ideological motivation, with claims of targeting Arab or Muslim states, evidence suggests this is a false-flag operation: the group's underground activity is primarily conducted in Russian, and its Hebrew content appears machine-translated or non-native, indicating Russian-speaking operators. The group's primary motivation is financial, pursued through double extortion tactics involving data exfiltration and file encryption. What sets Sicarii apart is a fundamental flaw in its ransomware's encryption process: it generates a new RSA key pair on each execution and immediately discards the private key, rendering encrypted data permanently unrecoverable even if a ransom payment is made.
RansomLook pivots
Data, intelligence and external references for cross-checking the actor's ransomware activity.
United Arab Emirates, Germany, Spain, France, United Kingdom, Greece, Italy, Netherlands, Russian Federation, Saudi Arabia
Targeted sectors
Manufacturing (1)
Target sectors (SOCRadar)
Energy & Utilities, Manufacturing, Finance, HealthCare & Social Assistance, Other, Public Administration, Air Transportation, Telecommunications, Space & Defense, Performing Arts Companies