Contact

DragonForce Ransomware Group is Targeting Saudi Arabia

NetmanageIT OpenCTI - opencti.netmanageit.com

DragonForce Ransomware Group is Targeting Saudi Arabia



SUMMARY :

DragonForce ransomware has targeted organizations in Saudi Arabia, with a significant data leak from a Riyadh real estate and construction company. The group exfiltrated over 6 TB of data, setting a deadline just before Ramadan. DragonForce operates on a RaaS model, offering high commission rates for affiliates and supporting various platforms. They use advanced techniques, including a customized CAPTCHA filter and encrypted communications. The group's builder offers flexibility in payload configuration, and they leverage legitimate tools for file transfers. DragonForce employs a dual extortion strategy and has been observed using specific CVEs for network infiltration. The targeting of Saudi Arabia raises concerns about critical infrastructure security in the region.

OPENCTI LABELS :

ransomware,saudi arabia,raas,construction,dragonforce,real estate,dark web


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


DragonForce Ransomware Group is Targeting Saudi Arabia