CyberSecurityBoard
Sponsor Register Login

DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025

This opportunistic expansion coincides with a historic surge in global ransomware activity, with Check Point’s State of Ransomware Q1 2025 report documenting 2,289 publicly named ransomware victims in just the first quarter – representing a staggering 126% year-over-year increase. Check Point researchers have identified DragonForce’s strategic pivot following the April 2025 disappearance of RansomHub, when the group moved swiftly to absorb displaced affiliates by marketing itself as an agile alternative to collapsed legacy operators. This architecture exemplifies how DragonForce isn’t merely a ransomware operation but a comprehensive criminal platform that combines marketing strategy, business model, and technical ecosystem. As Check Point analysts note, its success lies not in technical sophistication alone, but in creating an accessible framework for cybercrime that offers affiliates anonymity, flexibility, and profit in a landscape where trust in traditional RaaS brands continues to erode. In the rapidly evolving cybersecurity landscape of 2025, DragonForce has emerged as a formidable ransomware threat, redefining the hybrid extortion model. Their infrastructure includes white-label ransomware kits allowing affiliates to create unique ransomware brands, compile custom binaries, and personalize ransom notes and file extensions. The group has developed a business model specifically tailored to attract displaced or freelance affiliates, offering a competitive 20% revenue share – lower than most ransomware-as-a-service (RaaS) operations. First appearing in December 2023 with the launch of its “DragonLeaks” dark web portal, DragonForce has quickly established itself as more than just another ransomware group. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. DragonForce’s technical infrastructure represents a significant evolution in ransomware deployment methodology. What distinguishes this threat actor is its evolution from possible hacktivist roots into a fully commercialized criminal enterprise that combines ideological flexibility with technological agility.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 07 May 2025 15:05:02 +0000


Cyber News related to DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
2 months ago Cybersecuritynews.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
1 month ago Cybersecuritynews.com
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
1 year ago Techtarget.com
DragonForce - The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025 - This opportunistic expansion coincides with a historic surge in global ransomware activity, with Check Point’s State of Ransomware Q1 2025 report documenting 2,289 publicly named ransomware victims in just the first quarter – representing ...
2 weeks ago Cybersecuritynews.com Dragonforce Ransomhub
Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks - PRESS RELEASE. San Jose, Calif. - February 15, 2024 - Vectra AI, Inc., the leader in hybrid attack detection, investigation and response, today announced the launch of Vectra MXDR services, the industry's first global, 24x7 open MXDR service built to ...
1 year ago Darkreading.com
7 Keys to an Effective Hybrid Cloud Migration Strategy - Not very long ago, a hybrid cloud migration strategy amounted to a business extending its internal workloads into an environment it doesn't own. A hybrid cloud strategy was relatively simple - a combination of on-site resources and some type of cloud ...
1 year ago Techtarget.com
DragonForce Ransomware Gang Prompts Ohio Lottery to Shut Down - On 25 December 2023, the Ohio Lottery faced a major cyberattack, as a result, they had to shut down some crucial systems related to the undisclosed internal application. The threat actors behind the breach are the DragonForce ransomware group. While ...
1 year ago Cysecurity.news Dragonforce
Fighting ransomware: A guide to getting the right cybersecurity insurance - While the cybersecurity risk insurance market has been around for more than 20 years, the rapidly changing nature of attacks and the rise in the ransomware epidemic has markedly changed the nature of cyber insurance in recent years. It's more ...
1 year ago Scmagazine.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
Cyber Insurance: A Smart Investment to Protect Your Business from Cyber Threats in 2023 - Don't wait until it's too late - get cyber insurance today and secure your business for tomorrow. According to the U.S. Federal Trade Commission, cyber insurance is a particular type of insurance that helps businesses mitigate financial losses ...
1 year ago Cyberdefensemagazine.com
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com LockBit Snatch
Three Key Threats Fueling the Future of Cyber Attacks - Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. Protecting an organization against intrusion remains a cat and mouse game, in ...
1 year ago Cyberdefensemagazine.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too - An increase in cyber-insurance claims in 2023, driven by a more active threat landscape, will likely mean that last year's price plateau in cyber-insurance premium costs will be short-lived, according to industry experts. While premium costs fell by ...
1 year ago Darkreading.com Rocke
Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware - The Cisco Talos Year in Review report released Tuesday highlights new trends in the cybersecurity threat landscape. We'll focus on three topics covered: the ransomware cybercriminal ecosystem, network infrastructure attacks and commodity loader ...
1 year ago Techrepublic.com LockBit
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
1 year ago Feeds.fortinet.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Does Pentesting Actually Save You Money On Cyber Insurance Premiums? - Way back in the cyber dark ages of the early 1990s as many households were buying their first candy-colored Macintoshes and using them to play Oregon Trail and visit AOL chat rooms, many businesses started venturing into the digital realm as well by ...
1 year ago Securityboulevard.com Rocke
Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers - A notorious ransomware group dubbed DragonForce has claimed responsibility for a series of cyber attacks targeting major UK retailers, with Co-op now confirming a significant data breach affecting its membership database. In response to these ...
2 weeks ago Cybersecuritynews.com Dragonforce
Cyber Insurance for Businesses: Navigating Coverage - To mitigate these risks, many businesses opt for cyber insurance. With the wide range of policies available, navigating the world of cyber insurance can be overwhelming. In this article, we will delve into the complexities of cyber insurance and ...
1 year ago Securityzap.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)