Threat Group Profile
ransomhouse
โ Active โ last 30 days
Victim claims
10
First seen
Apr 2026
Last activity
14 Jun 2026
Tracked since
โ
Group overview
RansomHouse is a double-extortion RaaS operation active since late 2021, attributed to the threat actor "Jolly Scorpius," targeting over 120 organizations across healthcare, finance, transportation, and government, recently upgrading to a multi-layered dual-key encryption architecture.
Preferred targets
Manufacturing ยท 2
Technology ยท 2
Construction ยท 1
Public Sector ยท 1
Agriculture and Food Production ยท 1
Transportation/Logistics ยท 1
Most targeted countries
US ยท 4
IT ยท 1
AR ยท 1
HK ยท 1
IN ยท 1
ID ยท 1