216.73.217.80

DragonForce Ransomware Group is Targeting Saudi Arabia

· Published 27/02/2025 19:28 · Modified 28/02/2025 09:55

Export JSON

Essential information

Published
27/02/2025 19:28
Modified
28/02/2025 09:55
Tags
2025-02-27 construction dark web dragonforce raas ransomware real estate saudi arabia
Related entities
5 vulnerabilities (cve), 17 observables, 1 intrusion sets (apt), 10 techniques (mitre), 1 malware, 3 others

Description

has targeted organizations in , with a significant data leak from a Riyadh and company. The group exfiltrated over 6 TB of data, setting a deadline just before Ramadan. operates on a model, offering high commission rates for affiliates and supporting various platforms. They use advanced techniques, including a customized CAPTCHA filter and encrypted communications. The group's builder offers flexibility in payload configuration, and they leverage legitimate tools for file transfers. employs a dual extortion strategy and has been observed using specific CVEs for network infiltration. The targeting of raises concerns about critical infrastructure security in the region.

External references