Skip to content
Ransomware group

SECUROTROP

Securotrop is a ransomware threat actor and ransomware-as-a-service operation that emerged publicly in 2025 and is widely described as a splinter or affiliate operating within the Qilin ecosystem.

Profile source: Mallory opens in a new tab

SECUROTROP

Family profile

Securotrop is a ransomware threat actor and ransomware-as-a-service operation that emerged publicly in 2025 and is widely described as a splinter or affiliate operating within the Qilin ecosystem. The group has maintained its own leak site while reportedly leveraging Qilin-associated infrastructure, code, or network relationships. Securotrop is associated with double-extortion operations, combining data theft with extortion pressure, and appears to place particular emphasis on exfiltrated data and public leak-site shaming.

Victim reporting and public claims indicate that Securotrop has targeted organizations primarily in the United States across multiple sectors, including retail, manufacturing, construction, transportation and logistics, energy, media, and technology. Publicly attributed victims include organizations such as Mister Guns and Structural Component Systems, alongside numerous additional claimed victims across 2025 and 2026. Reporting also places Securotrop among newer ransomware brands that appeared during 2024, with continued activity into 2025 and 2026.

The actor is known by the aliases Securotrop and securotrop_ransomware. Available information supports characterizing Securotrop as a financially motivated cybercriminal group rather than a state-sponsored intrusion set. High-confidence reporting links it to the broader Qilin ransomware network, but publicly available information does not establish a confirmed national affiliation, leadership structure, or distinct sub-groups beyond its apparent relationship as a splinter or affiliate of Qilin.

Ransomware.live

Operational record

View group record ↗

Ransomware.live

Published indicators

Full source record ↗

Tox

1 total
  • BAFBD2AE7FC859F27D49471EF83365DD7E345EB3908B0612BFE83FEF33F79919A6C636A4E543

Ransomware.live

Recent claims

All published claims ↗

We appreciate you

Derp wouldn't exist without the work these projects do for the security community. We rely on their data sources to improve the quality and depth of what we publish. Thank you, we're genuinely grateful.