HackerFeeds
All ransomware incidents
stepoiltools.com

Ransomware group dragonforce hits STEP Oiltools

MEDIUM
·Energy·RO·2026-07-12

STEP Oiltools — a energy target operating in RO has been listed by the dragonforce ransomware group on 2026-07-12. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationSTEP Oiltools
Threat Group
dragonforce
SummarySTEP Oiltools is a leading global provider of solids control and drilling waste management services, primarily serving the oil and gas and civil engineering industries. The company offers a range of products including mini separation systems, modular recyclers, and dewatering systems, aimed at enhancing efficiency and sustainability in drilling operations. With a commitment to health and safety, STEP Oiltools has received recognition for its high standards in workplace safety. Their clientele includes major players in the energy sector, civil construction, and water treatment markets.
Date of Breach2026-07-12
Discovery Date2026-07-12
RegionRO
Target Domainstepoiltools.com
Business SectorEnergy
Severity
MEDIUM

Claim by dragonforce

STEP Oiltools is a leading global provider of solids control and drilling waste management services, primarily serving the oil and gas and civil engineering industries. The company offers a range of products including mini separation systems, modular recyclers, and dewatering systems, aimed at enhancing efficiency and sustainability in drilling operations. With a commitment to health and safety, STEP Oiltools has received recognition for its high standards in workplace safety. Their clientele includes major players in the energy sector, civil construction, and water treatment markets.

Posted by the dragonforce threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

stepoiltools.com

Leak post (onion / Tor)

tor

http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=2aedf0cd-9031-4333-aa3b-3b775041d7d3

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.