Ransomware group dragonforce hits STEP Oiltools
STEP Oiltools — a energy target operating in RO has been listed by the dragonforce ransomware group on 2026-07-12. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | STEP Oiltools |
|---|---|
| Threat Group | dragonforce |
| Summary | STEP Oiltools is a leading global provider of solids control and drilling waste management services, primarily serving the oil and gas and civil engineering industries. The company offers a range of products including mini separation systems, modular recyclers, and dewatering systems, aimed at enhancing efficiency and sustainability in drilling operations. With a commitment to health and safety, STEP Oiltools has received recognition for its high standards in workplace safety. Their clientele includes major players in the energy sector, civil construction, and water treatment markets. |
| Date of Breach | 2026-07-12 |
| Discovery Date | 2026-07-12 |
| Region | RO |
| Target Domain | stepoiltools.com |
| Business Sector | Energy |
| Severity | MEDIUM |
Claim by dragonforce
STEP Oiltools is a leading global provider of solids control and drilling waste management services, primarily serving the oil and gas and civil engineering industries. The company offers a range of products including mini separation systems, modular recyclers, and dewatering systems, aimed at enhancing efficiency and sustainability in drilling operations. With a commitment to health and safety, STEP Oiltools has received recognition for its high standards in workplace safety. Their clientele includes major players in the energy sector, civil construction, and water treatment markets.
Posted by the dragonforce threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
stepoiltools.com
Leak post (onion / Tor)
http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=2aedf0cd-9031-4333-aa3b-3b775041d7d3
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

