Uptime Hamster: 15d 7h 56mDeploy: 13 Jul 2026 08:04Updated: 2026-07-05
Logo del actor de amenaza dragonransomware

dragonransomware

2 incidentes 1 paises 1 sectores ransomware RU Ultimo: 2026-06-29
Aliases: DragonRansom, Dragon Team
Ver en IntelTracker → APTTrail →
DragonForce is a ransomware-as-a-service (RaaS) operation that first emerged in March 2023. Initially leveraging leaked ransomware builders like LockBit 3.0 and ContiV3, the group rapidly evolved to deploy its own variants. In March 2025, DragonForce pivoted to a "cartel" model, enabling affiliates to operate under their own branding while utilizing the group's tools and infrastructure. Its origins are unclear, with some reports suggesting ties to a Malaysian-based hacktivist collective, DragonForce Malaysia, although this remains unconfirmed and has been denied by the hacktivist group. The primary motivation for DragonForce is financial gain, employing a double-extortion strategy that involves both data encryption and exfiltration. The group is notable for its use of a unique "data analysis service" offered to affiliates to craft tailored extortion materials and for its proclaimed avoidance of targeting healthcare organizations, a claim contradicted by some observed targeting. DragonF

Aliases del actor

DragonRansomDragon Team

Actores similares

Aoqin Dragonapt · 1Night Dragonapt · 1night-dragonactor · 1aoqin-dragonactor · 1sharp-dragon--chkptactor · 1Amaranth-Dragonapt · 0Camaro Dragonapt · 0Moshen Dragonapt · 0Operation Dragon Castlingapt · 0dragonforceransomware · 580

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / leak siteunknownransomware.anggipradana.comRansomware Group: dragonransomware
Victimas
0
TTPs unicas
0
Info robada historica
N/D
Rescates reclamados
N/D
Pagos detectados
N/D

Paises afectados

United States (1)

Paises objetivo (SOCRadar)

United Arab EmiratesArgentinaAustraliaBelgiumBulgariaBrazilBelarusCanadaSwitzerlandCôte d'Ivoire

Sectores atacados

Software (1)

Sectores objetivo (SOCRadar)

Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationSoftware PublishersReal EstateHospitalsEnterprises & HoldingAccommodationAir Transportation

URLs nuevas detectadas en IntelTracker

ransomware.anggipradana.com