DragonForce is a ransomware-as-a-service (RaaS) operation that first emerged in March 2023. Initially leveraging leaked ransomware builders like LockBit 3.0 and ContiV3, the group rapidly evolved to deploy its own variants. In March 2025, DragonForce pivoted to a "cartel" model, enabling affiliates to operate under their own branding while utilizing the group's tools and infrastructure. Its origins are unclear, with some reports suggesting ties to a Malaysian-based hacktivist collective, DragonForce Malaysia, although this remains unconfirmed and has been denied by the hacktivist group. The primary motivation for DragonForce is financial gain, employing a double-extortion strategy that involves both data encryption and exfiltration. The group is notable for its use of a unique "data analysis service" offered to affiliates to craft tailored extortion materials and for its proclaimed avoidance of targeting healthcare organizations, a claim contradicted by some observed targeting. DragonF

URLs nuevas detectadas en IntelTracker