dragonransomware
2 incidentes
1 paises
1 sectores
ransomware RU Ultimo: 2026-06-29
Aliases: DragonRansom, Dragon Team
DragonForce is a ransomware-as-a-service (RaaS) operation that first emerged in March 2023. Initially leveraging leaked ransomware builders like LockBit 3.0 and ContiV3, the group rapidly evolved to deploy its own variants. In March 2025, DragonForce pivoted to a "cartel" model, enabling affiliates to operate under their own branding while utilizing the group's tools and infrastructure. Its origins are unclear, with some reports suggesting ties to a Malaysian-based hacktivist collective, DragonForce Malaysia, although this remains unconfirmed and has been denied by the hacktivist group. The primary motivation for DragonForce is financial gain, employing a double-extortion strategy that involves both data encryption and exfiltration. The group is notable for its use of a unique "data analysis service" offered to affiliates to craft tailored extortion materials and for its proclaimed avoidance of targeting healthcare organizations, a claim contradicted by some observed targeting. DragonF
Canales, DLS e infraestructura asociada
Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
Paises objetivo (SOCRadar)
United Arab Emirates
Argentina
Australia
Belgium
Bulgaria
BrazilBelarus
Canada
SwitzerlandCôte d'Ivoire
Sectores atacados
Software (1)
Sectores objetivo (SOCRadar)
Construction of BuildingsFood ManufacturingOther Information ServicesRail TransportationSoftware PublishersReal EstateHospitalsEnterprises & HoldingAccommodationAir Transportation
URLs nuevas detectadas en IntelTracker