Emerging ransomware groups on the rise: Who they are, how they operate
DragonForce is a bit older, first making an appearance in December 2023. The group seems to be using a version of the leaked LockBit ransomware builder and so far has targeted organizations from the manufacturing, technology, healthcare, finance, construction, and real estate sectors from the US, the UK, Australia, Argentina, and Switzerland.
“Looking ahead, the emergence of new ransomware groups in 2024, as evidenced by the proliferation of 25 new groups by the second quarter, suggests a sustained and evolving threat landscape,” the Cyberint researchers wrote.
The good news is that many of these new groups tend to be less sophisticated than the major ones they’re trying to replace, at least for now. Their malware, techniques, and tools are not as well developed and could be more easily detected, but if experienced affiliates join their ranks attracted by better deals, this will rapidly change.
