CyberSecurityBoard
Sponsor Register Login

DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025

This opportunistic expansion coincides with a historic surge in global ransomware activity, with Check Point’s State of Ransomware Q1 2025 report documenting 2,289 publicly named ransomware victims in just the first quarter – representing a staggering 126% year-over-year increase. Check Point researchers have identified DragonForce’s strategic pivot following the April 2025 disappearance of RansomHub, when the group moved swiftly to absorb displaced affiliates by marketing itself as an agile alternative to collapsed legacy operators. This architecture exemplifies how DragonForce isn’t merely a ransomware operation but a comprehensive criminal platform that combines marketing strategy, business model, and technical ecosystem. As Check Point analysts note, its success lies not in technical sophistication alone, but in creating an accessible framework for cybercrime that offers affiliates anonymity, flexibility, and profit in a landscape where trust in traditional RaaS brands continues to erode. In the rapidly evolving cybersecurity landscape of 2025, DragonForce has emerged as a formidable ransomware threat, redefining the hybrid extortion model. Their infrastructure includes white-label ransomware kits allowing affiliates to create unique ransomware brands, compile custom binaries, and personalize ransom notes and file extensions. The group has developed a business model specifically tailored to attract displaced or freelance affiliates, offering a competitive 20% revenue share – lower than most ransomware-as-a-service (RaaS) operations. First appearing in December 2023 with the launch of its “DragonLeaks” dark web portal, DragonForce has quickly established itself as more than just another ransomware group. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. DragonForce’s technical infrastructure represents a significant evolution in ransomware deployment methodology. What distinguishes this threat actor is its evolution from possible hacktivist roots into a fully commercialized criminal enterprise that combines ideological flexibility with technological agility.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 07 May 2025 15:05:02 +0000


Cyber News related to DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
5 months ago Cybersecuritynews.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
4 months ago Cybersecuritynews.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
1 month ago Cybersecuritynews.com
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
1 year ago Techtarget.com
DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025 - This opportunistic expansion coincides with a historic surge in global ransomware activity, with Check Point’s State of Ransomware Q1 2025 report documenting 2,289 publicly named ransomware victims in just the first quarter – representing ...
3 months ago Cybersecuritynews.com Dragonforce Ransomhub
Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks - PRESS RELEASE. San Jose, Calif. - February 15, 2024 - Vectra AI, Inc., the leader in hybrid attack detection, investigation and response, today announced the launch of Vectra MXDR services, the industry's first global, 24x7 open MXDR service built to ...
1 year ago Darkreading.com
7 Keys to an Effective Hybrid Cloud Migration Strategy - Not very long ago, a hybrid cloud migration strategy amounted to a business extending its internal workloads into an environment it doesn't own. A hybrid cloud strategy was relatively simple - a combination of on-site resources and some type of cloud ...
1 year ago Techtarget.com
DragonForce Ransomware Gang Prompts Ohio Lottery to Shut Down - On 25 December 2023, the Ohio Lottery faced a major cyberattack, as a result, they had to shut down some crucial systems related to the undisclosed internal application. The threat actors behind the breach are the DragonForce ransomware group. While ...
1 year ago Cysecurity.news Dragonforce
New DEVMAN Ransomware From DragonForce Attacking Windows 10 and 11 Users - A sophisticated new ransomware variant identified as DEVMAN has emerged from the DragonForce ransomware-as-a-service ecosystem, targeting both Windows 10 and Windows 11 systems with notable behavioral differences between operating system versions. ...
1 month ago Cybersecuritynews.com Dragonforce
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
1 year ago Scmagazine.com
DragonForce Ransomware Empowers Affiliates with Modular Toolkit to Create Custom Ransomware Payloads - Cyber Security News - Additionally, the system includes stealth-optimized encryption algorithms designed to bypass endpoint detection and response solutions, multilingual victim portals for global operations, and comprehensive affiliate support including technical ...
1 month ago Cybersecuritynews.com Dragonforce LockBit
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
M&S confirms social engineering led to massive ransomware attack - As first reported by BleepingComputer, the attack on M&S was conducted by threat actors linked to Scattered Spider, who deployed the DragonForce ransomware on the network. Tata provides help desk support for M&S and is believed to have ...
1 month ago Bleepingcomputer.com Scattered Spider Dragonforce
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
1 year ago Cyberdefensemagazine.com
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com LockBit Snatch
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
1 year ago Cyberdefensemagazine.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
1 year ago Techrepublic.com LockBit
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too - An increase in cyber-insurance claims in 2023, driven by a more active threat landscape, will likely mean that last year's price plateau in cyber-insurance premium costs will be short-lived, according to industry experts. While premium costs fell by ...
1 year ago Darkreading.com Rocke
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
1 year ago Feeds.fortinet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)