Skira, also referred to as Skira Team, is a ransomware group first listed among new ransomware variants that emerged in March 2024. The provided reporting places it among new and emerging ransomware groups observed into Q1 2025. Public victim claims attributed to Skira Team include Krisala Developers, CCL Products, Carruth Compliance Consulting, Lawyers Diary and Manual, Van Metropolitan Municipality, Independent Title Agency LLC, and Dedicated Web Consultants Inc. The available content does not provide additional high-confidence detail on its tooling, intrusion methods, or geographic attribution.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
2 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Named as a new ransomware variant/gang emerging in 2024 and associated with victim claims posted in March 2024.
Emerging ransomware group listed as active in Q1 2025 targeting industrial sectors.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.