Threat Group Profile
abyss
Dormant / historical
Victim claims
3
First seen
May 2026
Last activity
01 Jun 2026
Tracked since
β
Group overview
Abyss (also known as Abyss Locker) is a ransomware operation first identified in March 2023, derived from the Babuk source code, that targets Windows and Linux/VMware ESXi systems using double-extortion tactics across healthcare, manufacturing, finance, and technology sectors β predominantly in North America.
Preferred targets
Business Services Β· 1
Public Sector Β· 1
Technology Β· 1
Most targeted countries
DE Β· 1
US Β· 1