FunkSec – Alleged Top Ransomware Group Powered by AI
Essential information
- Published
- 10/01/2025 13:59
- Modified
- 10/01/2025 16:12
- Tags
- 2025-01-10 ai-assisted ddos double-extortion hacktivism ransomware rust
- Related entities
- 9 observables, 1 intrusion sets (apt), 17 techniques (mitre), 4 others
Description
FunkSec, an emerging ransomware group, gained prominence in late 2024 with over 85 claimed victims in December. The group's activities blend hacktivism and cybercrime, using AI-assisted malware development to quickly produce advanced tools despite apparent inexperience. FunkSec offers custom ransomware, DDoS tools, and other hacking utilities, often recycling data from previous hacktivist campaigns. The group's core operations seem conducted by inexperienced actors, likely based in Algeria. Their ransomware, written in Rust, shows signs of AI assistance and contains redundant code. FunkSec's rapid rise highlights the evolving threat landscape where low-skill actors can leverage accessible tools to create significant impact.