LAMASHTU Ransomware Group Lists Sistemas Electrónicos y de Telecomunicaciones as New Victim on Dark Web Leak Site

The LAMASHTU ransomware operation has added Sistemas Electrónicos y de Telecomunicaciones to its public dark web leak site, signaling a fresh victim in what threat intelligence trackers describe as an active extortion campaign. The listing, surfaced through OSINT monitoring of the group's Tor-based infrastructure, suggests the threat actors have exfiltrated data from the company and are preparing to publish sensitive materials unless a ransom is paid. RedPacket Security, a threat intelligence platform tracking LAMASHTU activity, confirmed the victim association with the telecommunications and electronics firm.

Sistemas Electrónicos y de Telecomunicaciones operates within a sector that threat actors frequently target due to the sensitive communication infrastructure and data it handles. LAMASHTU, which has previously targeted healthcare, manufacturing, and professional services organizations, employs double-extortion tactics—encrypting victim networks while simultaneously threatening to release stolen data. The group's infrastructure relies on Tor-hidden leak sites, complicating attribution and enforcement efforts. Security researchers note that LAMASHTU's victimology suggests a preference for organizations with significant digital footprint and sensitive operational data.

Organizations in the telecommunications and electronics supply chain are advised to review network segmentation, backup integrity, and endpoint detection capabilities. The listing of Sistemas Electrónicos y de Telecomunicaciones by LAMASHTU underscores persistent pressure on critical infrastructure-adjacent firms, where successful intrusions can cascade into broader supply chain risk. Incident response teams and threat intelligence consumers should monitor the LAMASHTU leak site for potential data releases involving this victim.