Ransomware Group:  
Threeam



Sponsored by Hudson RockUse Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business


Sites | TTPs | Activity | Worldmap | Victims (47)

A new Ransomware family identified by the name '3AM' or 'ThreeAM' in September 2023. The ransomware operation was observed by the Symantec team, in which a ransomware affiliate attempted to deploy another ransomware, LockBit, on the target network and then switched to 3AM when LockBit was reportedly blocked.
>
> The ransomware operation, according to the publication on its Tor-based website, has been operating since mid-August 2023, according to the publication from its first victim.
Source: https://github.com/crocodyli/ThreatActors-TTPs


Sites

Title Available Last Visit FQDN Screenshot
ThreeAM Blog 🟢 2024-11-21 07:59:55.082620 threeamkelxicjsaf2czjyz2lc4q3ngqkxhhlexyfcp2o6raw4rphyad.onion 📸

TTPs

Activity over time

Worldmap

47 Victims

US flag

midstatesindustrial.com 

Company logo
Ransomware Group:

Discovery Date: 2024-11-13 11:52

Mid-States Industrial, Incorporated was founded in 1992 with the objective of providing quality tank repair paired with specialized in-house engineering services. For over 30 years, Mid-States has provided industrial maintenance, repair, and new...

Victim:   |  Group: 
AU flag

anuenterprise.com.au 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:32

Sector: Construction
ANU Enterprise works behind the scenes to maximise the impact of research findings of the Australian National University, on the world. We enable researchers to generate and deliver consulting, contract research and executive education...

Victim:   |  Group: 
US flag

inhometexas.com 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:30

Sector: Healthcare
In-Home Attendant Services partners with individuals of every age and disability to assist them with living a more independent lifestyle. With either the CDS or Agency option, you have choices that help you take charge of who comes into your...

Victim:   |  Group: 
BR flag

caillau.com.br 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:28

Desde o início do século XXI, a Caillau tem oferecido ao mercado a síntese perfeita das palavras “Historical Expertise”, além das recentes mudanças implementadas com sucesso, tanto na entrada de novos acionistas como nas áreas...

Victim:   |  Group: 
US flag

sandray.com 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:26

Sector: Not Found
Sandray Precision Grinding Inc is located in Rockford, Illinois and has served the Midwest region for 50 years of grinding experience. Sandray Precision Grinding Inc operates in 2 buildings with 34,000 square feet and has a wide variety of...

Victim:   |  Group: 
AU flag

mpspromotions.com 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:24

Our team succeeds in providing an affordable and reliable redemption service for all promotional needs. Our services are designed especially for new coupon users and small to mid-size consumer product companies. Our business model and service...

Victim:   |  Group: 
US flag

freedomhomecare.net 

Company logo
Ransomware Group:

Discovery Date: 2024-10-31 13:21

Sector: Healthcare
We are here for you whenever you need us, for however long you need us. At Freedom Home Care and Medical Staffing, we never lose sight of the details and focus on the customer service our clients have come to expect. Since our founding in 1997,...

Victim:   |  Group: 
US flag

carolinaarthritis.com 

Company logo
Ransomware Group:

Discovery Date: 2024-10-24 14:15

Sector: Healthcare
Welcome to Carolina Arthritis Since its founding in 1991, Carolina Arthritis has been leading the way in the diagnosis and treatment of arthritis, musculoskeletal disorders, connective tissue diseases, autoimmune illnesses and osteoporosis. At...

Victim:   |  Group: 
CO flag

oklahomasleepinstitute.co 

Company logo
Ransomware Group:

Discovery Date: 2024-10-10 19:03

Sector: Healthcare
The Oklahoma Sleep Institute, founded in 2003, is dedicated to providing the highest quality sleep medicine to the community. We are a comprehensive Sleep Disorder Clinic staffed by Advanced Registered Nurse Practitioners and a Board Certified...

Victim:   |  Group: 
GB flag

verco.co.uk 

Company logo
Ransomware Group:

Discovery Date: 2024-09-30 19:49

William Vere & Sons was founded in 1912 by the great-grandfather of Richard Vere, our current Managing Director was a craftsman Chair Maker who made Windsor chairs. This classic wood chair was the staple product of the area, due to the abundant...

Victim:   |  Group: 
GB flag

carlile-group.com 

Company logo
Ransomware Group:

Discovery Date: 2024-09-30 17:50

The Carlile Group is a collective of experts committed to advancing the science of buildings. We collaborate to assist owners in creating, enhancing, and maintaining our built environment.

Victim:   |  Group: 
GB flag

sacredheart.southwark.sch 

Company logo
Ransomware Group:

Discovery Date: 2024-09-30 17:48
Estimated Attack Date: 2024-06-18

Sacred Heart Catholic School is a vibrant and dynamic school with high expectations and great ambitions for every one of our pupils. We believe that discipline, structure and common purpose are solid foundations for success in life and...

Victim:   |  Group: 
AU flag

mctas.org.au 

Company logo
Ransomware Group:

Discovery Date: 2024-09-30 17:46
Estimated Attack Date: 2024-06-06

Sector: Healthcare
mctas.org.au (respect.com.au) Providing better living in Australia for over a century As a proud not for profit organisation since 1922, Respect serves the senior community through our high standard of care and community. Our name may have...

Victim:   |  Group: 
SG flag

mnpl.com.sg 

Company logo
Ransomware Group:

Discovery Date: 2024-09-30 17:44
Estimated Attack Date: 2024-07-25

Manufacturing Network Pte Ltd (“MNPL”) was established in November 2000 in Singapore. Our main business includes the stocking, distribution and cutting of aluminium alloy plates, sheets and extrusion bars and profiles.

Victim:   |  Group: 
ES flag

gestiriego.com 

Company logo
Ransomware Group:

Discovery Date: 2024-09-18 12:12
Estimated Attack Date: 2024-08-26

Desde 1985 aportando soluciones globales para la agricultura de alto rendimiento. El GRUPO GESTIRIEGO está formado por una amplia red internacional de delegaciones y distribuidoras extendidas por todo el mundo, con sede central en España. Nuestra...

Victim:   |  Group: 
US flag

brunswickhospitalcenter.org 

Company logo
Ransomware Group:

Discovery Date: 2024-09-12 18:10

Sector: Healthcare
We are located in Amityville, Long Island, New York and are fully accredited by The Joint Commission and licensed by the New York State Office of Mental Health. We offer a state of the art program that focuses on the treatment of acute mental...

Victim:   |  Group: 
US flag

thermalsolutionsllc.com 

Company logo
Ransomware Group:

Discovery Date: 2024-05-16 04:42

Thermal Solutions LLC is also a proud family-owned and operated HVAC-R business. Our heating and AC repairs include new equipment installations if needed. We help by walking you through all of the issues faced with your equipment and give you...

Victim:   |  Group: 
BR flag

escriba.com.br 

Company logo
Ransomware Group:

Discovery Date: 2024-05-16 04:40

Sector: Technology
Somos a maior empresa em sistemas e soluções para cartórios extrajudiciais. Atuamos no desenvolvimento de softwares e soluções inovadoras para a gestão de cartórios extrajudiciais, tabelionato de notas, tabelionato de protestos, ofício de...

Victim:   |  Group: 
FR flag

compagniedephalsbourg.com 

Company logo
Ransomware Group:

Discovery Date: 2024-04-15 07:34
Estimated Attack Date: 2024-03-21

Sector: Construction
Compagnie de Phalsbourg is a real estate development, investment and management company. Founded in 1989, it ranks among the leaders of the French retail real estate market. Compagnie de Phalsbourg develops...

Victim:   |  Group: 
US flag

kh.org 

Company logo
Ransomware Group:

Discovery Date: 2024-03-25 11:47

Sector: Healthcare
Founded in 1966, Kootenai Health is a hospital that provides patient care services for people in Idaho, Montana, and Eastern Washington. They are based in Coeur d'Alene, Idaho. ...

Victim:   |  Group: 
GB flag

moore-tibbits.co.uk 

Company logo
Ransomware Group:

Discovery Date: 2024-02-27 12:56

Moore & Tibbits is a well respected law firm, with more than 188 years of legal service in the centre of Warwick. Our reputation is based on a reliable, flexible, personal, first class service combined with the use of modern technology which...

Victim:   |  Group: 
US flag

mtmrobotics.com 

Company logo
Ransomware Group:

Discovery Date: 2024-02-22 14:42
Estimated Attack Date: 2023-11-14

Sector: Technology
As an Airbus Robotics Company, MTM Robotics is a trusted global provider of high-quality automation systems, software systems, and engineering services for the aerospace and aircraft manufacturing industries.

Victim:   |  Group: 
AU flag

abcor.com.au 

Company logo
Ransomware Group:

Discovery Date: 2024-02-22 14:41

Sector: Construction
Preston General Engineering (PGE), a division of ABCOR Pty Ltd, is the industry leader in the fabrication and assembly of metal, aluminium and stainless steel parts. PGE has a strong commitment of service to provide quality products that are...

Victim:   |  Group: 
US flag

doneff.com 

Company logo
Ransomware Group:

Discovery Date: 2024-02-21 12:44

From luxury apartments and exclusive active adult housing to affordable, moderate family living, Doneff Companies LLC has built and manages more than 1,056 apartment homes across central and eastern Wisconsin.

Victim:   |  Group: 
US flag

garonproducts.com 

Company logo
Ransomware Group:

Discovery Date: 2024-02-12 22:29

For over 60 years, Garon Products, Inc. has defined what it means to be a trusted concrete coating supplier. Our top-quality concrete floor repair products and floor coatings meet the demands of even the most challenging industrial,...

Victim:   |  Group: 
MX flag

etsolutions.com.mx 

Company logo
Ransomware Group:

Discovery Date: 2024-02-01 23:04

Somos una empresa 100% mexicana dedicada a la implementación de soluciones de infraestructura y seguridad en procesos de operación crítica. Nuestro equipo está formado por profesionales, especialistas y tecnicos certificados para ofrecer...

Victim:   |  Group: 
CA flag

thecsi.com 

Company logo
Ransomware Group:

Discovery Date: 2024-01-12 19:27

Sector: Construction
CSI is a product lifecycle management company based in Scarborough, Ontario. CSI is ISO 9001:2015 + TL 9000 - V R6.0/ R5.5 Certified. CSI specializes in Smart City technology, IoT and have a state-of-the-art data storage facility in...

Victim:   |  Group: 
US flag

pharrusa.com 

Company logo
Ransomware Group:

Discovery Date: 2024-01-12 19:26

Headquartered in McAdenville, North Carolina, Pharr Yarns is one of the most diversified sales yarn manufacturers in the world. We serve our diversified global customer base from offices across the United States and Europe. Our US operations...

Victim:   |  Group: 
 flag

woodruffenterprises.com 

Company logo
Ransomware Group:

Discovery Date: 2023-12-12 17:42

Sector:
Woodruff Enterprises Inc. is a rapidly growing company with roots in farming and agriculture. It was by the request of our loyal customers that we began hauling livestock with a pickup truck and a gooseneck trailer...

Victim:   |  Group: 
US flag

shareharris.com 

Company logo
Ransomware Group:

Discovery Date: 2023-12-12 17:42

Sector:
Share & Harris LLC is a company that operates in the Accounting industry. It employs 11-20 people and has $1M-$5M of revenue. The company is headquartered in East Brunswick, New Jersey, 08816, United States

Victim:   |  Group: 
 flag

syrtech.com 

Company logo
Ransomware Group:

Discovery Date: 2023-12-06 08:57

Sector:
Syr-Tech manufactures custom perforated metal as well as roll formed metal shapes to your exact specifications. With hundreds of stock perforated metal patterns as well as a huge assortment of standard roll formed tooling, chances are we...

Victim:   |  Group: 
 flag

ussignandmill.com 

Company logo
Ransomware Group:

Discovery Date: 2023-12-05 16:11

Sector:
We typically serve two types of customers: national powerhouses looking for mass-produced, brand-consistent signage and local business owners seeking custom builds. While both have very different goals, one thing remains...

Victim:   |  Group: 
 flag

carrellblanton.com 

Company logo
Ransomware Group:

Discovery Date: 2023-11-27 16:23

Sector:
FOUR LOCATIONS. ONE FIRM. As a boutique law firm, specializing in estate planning, trust and estate administration, and elder law, we are dedicated to serving all our clients with a high level of quality, effort, and creativity. Pulling...

Victim:   |  Group: 
FR flag

ds-granit.fr 

Company logo
Ransomware Group:

Discovery Date: 2023-11-22 07:26

Sector:
DS GRANIT vous conseille et vous accompagne de A à Z dans vos projets les plus ambitieux. Notre connaissance de ce domaine nous permet de vous proposer des produits en adéquation avec votre mobilier, avec une prestation de qualité. ...

Victim:   |  Group: 
RO flag

nealbrothers.co.uk 

Company logo
Ransomware Group:

Discovery Date: 2023-11-18 11:07

Sector:
Neal Brothers are a fundamental member representing the UK, Romania and Charleston USA. INPRO Export Services Ltd, is an organisation registered in England as a Consortium of Independent Export Packing and Transportation...

Victim:   |  Group: 
GB flag

maniland.co.uk 

Company logo
Ransomware Group:

Discovery Date: 2023-10-26 19:54

Sector:
Maniland Ltd is an active company incorporated on 5 March 2019 with the registered office located in Wembley, Greater London. Maniland Ltd has been running for 4 years. Classification: Buying and selling of own real estate (68100) Letting and...

Victim:   |  Group: 
 flag

claimtek.com 

Company logo
Ransomware Group:

Discovery Date: 2023-10-26 12:21

Sector:
ClaimTek’s Professional Medical & Dental Billing Software Offers Advanced Features, Versatility And Flexibility. When you work with ClaimTek, you are working directly with the software developer. ClaimTek offers a professional suite of modern...

Victim:   |  Group: 
 flag

simmonsequip.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-28 13:18

Sector:
Simmons Equipment Company was honored to again be an exhibitor at the 2013 Bluefield Coal Show. With 240 exhibitors, and an estimated 5,000 visitors during the three-day show, the Bluefield show continues to be one of the nation's top regional...

Victim:   |  Group: 
 flag

haciendazorita.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-22 13:17

Sector:
Hacienda Zorita Wine Hotel & Spa, situado en Salamanca, es un icono en de la historia. Podemos decir que fuimos partícipes de uno de los acontecimientos históricos más decisivos: El Descubrimiento de América.

Victim:   |  Group: 
 flag

fi-tech.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-22 13:16

Sector:
Fi-Tech is “your global connection” to the leading manufacturers of complete machines or technical components used in the production of Polymer, Synthetic Fibers, Nonwovens, Textiles, Converting, Perforated Products or in Tobacco Processing. ...

Victim:   |  Group: 
 flag

neuraxpharm.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-22 11:44

Sector:
1 in 4 people in the world will be affected by mental or neurological disorders at some point in their lives. Roughly every family will have at least one afflicted person in the home. The wellbeing of those suffering from these disorders is...

Victim:   |  Group: 
MY flag

wdgroup.com.my 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:33
Estimated Attack Date: 2023-08-24

Sector:
The WD Group comprises of Three Main Business handling with mining, civil construction and transportation.Its history can be traced back when Wawasan Dengkil Sdn Bhd began its operations in year 2007 with its...

Victim:   |  Group: 
US flag

pvbfabs.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:33
Estimated Attack Date: 2023-08-29

Sector:
Since 2003, PVB Fabrications, Inc. (PVB) has provided quality welding and fabrication services while steadily developing into a direct-hire, multi-disciplined general contractor. PVB has the technical ability to...

Victim:   |  Group: 
US flag

intechims.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:32
Estimated Attack Date: 2023-08-04

Sector:
Specializing in Beverage Re-Packing and Fulfillment for just about anything Start increasing your production with our fully automated variety packaging services. We have the bandwidth to quickly...

Victim:   |  Group: 
US flag

zero-pointorganics.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:32
Estimated Attack Date: 2023-08-22

Sector:
What started out as a hobby in the kitchen summer of 2016 turned into a full time passion for growing nutrient dense foods. We’re now partnered with restaurants, hotels, and country clubs throughout the Houston and College Station/Bryan Texas...

Victim:   |  Group: 
US flag

visitingphysiciansnetwork.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:31
Estimated Attack Date: 2023-09-04

Sector:
We are a North Texas based physician group committed to making healthcare more accessible for those individuals who are unable or have difficulty leaving their home to receive medical treatment. Visiting Physician's Network...

Victim:   |  Group: 
US flag

clearwaterlandscape.com 

Company logo
Ransomware Group:

Discovery Date: 2023-09-14 21:31
Estimated Attack Date: 2023-09-12

Sector:
Since 1989, Clearwater Landscape & Nursery has been a renowned leader in luxury landscaping and outdoor-living space construction throughout our region. We are proud to serve homeowners, developers...

Victim:   |  Group: