Summary: DragonForce, a ransomware operation, is restructuring the ransomware landscape by adopting a cartel-like approach to recruit affiliates under a new ransomware-as-a-service (RaaS) model. This model allows affiliates to operate under their own branding while avoiding the complexities of infrastructure management. DragonForce claims a moral stance against targeting certain healthcare organizations, indicating a selective approach to their business operations.
Affected: Ransomware Affiliates and Targeted Organizations
Keypoints :
- DragonForce operates as a “ransomware cartel,” taking 20% from paid ransoms and providing affiliates with necessary infrastructure and tools.
- Affiliates can brand their ransomware attacks independently while using DragonForce’s malware and resources, facilitating a broader base of operators.
- The group expresses a selective ethos, indicating they do not attack hospitals and aim to support certain vulnerable populations, showcasing an unusual moral compass in the ransomware space.