Active ransomware operator
← All groupssettra
22 victims indexed · first seen 5 days ago · last activity 3 days ago
At a glance
- Status
- active
- First seen
- 5 days ago
- Last activity
- 3 days ago
- Onion sites
- 1 known endpoint
- Primary sector
- Consumer Services · 3 hits
About
Timeline
1 monthsTop countries
Top sectors
MITRE ATT&CK
17 techniques · 7 tacticsTactics
Techniques
- T1190Exploit Public-Facing Application
- T1566Phishing
- T1059Command and Scripting Interpreter
- T1047Windows Management Instrumentation
- T1562Impair Defenses
- T1070Indicator Removal
- T1083File and Directory Discovery
- T1082System Information Discovery
- T1135Network Share Discovery
- T1057Process Discovery
- T1005Data from Local System
- T1039Data from Network Shared Drive
- T1041Exfiltration Over C2 Channel
- T1567Exfiltration Over Web Service
- T1486Data Encrypted for Impact
- T1490Inhibit System Recovery
- T1489Service Stop
Recent victims
Loading…
Onion infrastructure
1 known- http://settra5ldqwgtw5q7z5awbsvlksakyfojuc5slgrz5lvapune4fantqd.onion
Source
Updated 3 days agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
Get alerted the next time settra posts a victim.
Add settra to your watchlist — Pro pings you within 5 minutes of any new settra leak-site post, Telegram callout, or affiliate-rebrand inference.

