Spook

Ransomware Group Profile

Overview

Spook ransomware operated briefly in September–October 2021 as a rebrand of the Prometheus ransomware group (built on the Thanos builder), conducting double-extortion attacks against global targets with a concentration in manufacturing and unusually publishing all victim names regardless of ransom payment.

Dark Web Infrastructure (1)
spookuhvfyxzph54ikjfwf2mwmxt572krpom7reyayrmxbkizbvkpaid.onion
Activity Timeline
First Seen2021
Last Seen2021
Leak Sites1
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001