Verticals Targeted: Government, Telecommunications, Media, Manufacturing
Related Families: DragonForce, RansomHub, LockBit
Verticals Targeted: Construction, Real Estate, Financial
Executive Summary
Recent industry reporting highlights the ransomware threats faced by various entities in the Middle East. DragonForce ransomware was recently observed targeting a real estate and construction company in Saudi Arabia. However, this is only the tip of the iceberg, as entities in the Middle East, particularly financial services entities in Saudi Arabia and the UAE, are also being heavily targeted by ransomware.
The recent $1.5 billion hack of Bybit, allegedly orchestrated by the Lazarus Group, has sent shockwaves through the cryptocurrency industry. While this North Korean state-sponsored hacking group has a well-documented history of targeting crypto exchanges, the size of this breach sets a new precedent. Beyond the immediate financial impact, this incident raises serious concerns about how Lazarus will leverage these stolen funds in the future. From within the crypto space to their broader cybercriminal activities.
Related Families: ValleyRAT
Verticals Targeted: Medical
Executive Summary
Chinese threat actor Silver Fox was recently observed targeting medical devices in a sophisticated campaign that delivers multiple malware families, including ValleyRAT.
Verticals Targeted: Manufacturing
Executive Summary
A persistent and sophisticated espionage campaign by the China-linked threat actor group Wicked Panda was observed targeting Japan’s manufacturing sector. The campaign has been dubbed RevivalStone.
Verticals Targeted: Healthcare, Government, Education, Technology, Manufacturing, SMBs
Executive Summary
Ghost, also known as Cring, is a ransomware family that has been active since at least late 2020. A recent uptick in Ghost activity prompted US agencies to release a joint cybersecurity advisory on Ghost.
Executive Summary
FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.
Related Families: RIG, Fallout EK