Ransomware Group

SafePay

Status: active • First seen 2024-1040+ known victims

SafePay uses stolen tools from the famous LockBit gang to attack banks and insurance companies. They have an ironic name since they make payments very unsafe.

Overview

SafePay utilizes leaked LockBit builder tools to create their payloads, targeting financial institutions and insurance companies.

Target Industries

Finance, Insurance, Retail, Professional Services

How They Attack

  • LockBit builder tools
  • Financial targeting
  • Double extortion
  • Data theft

Notable Victims

Financial institutions (2024), Insurance companies

Is your business exposed?

How to Protect Against SafePay

  1. 1.

    Monitor for LockBit indicators

  2. 2.

    Implement financial sector security standards

  3. 3.

    Enable fraud detection monitoring

MITRE ATT&CK Techniques

T1486, T1567, T1078, T1021

Related Groups

Lockbit

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices