DragonForce Ransomware Group is Targeting Saudi Arabia
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
DragonForce ransomware has targeted organizations in Saudi Arabia, with a significant data leak from a Riyadh real estate and construction company. The group exfiltrated over 6 TB of data, setting a deadline just before Ramadan. DragonForce operates on a RaaS model, offering high commission rates for affiliates and supporting various platforms. They use advanced techniques, including a customized CAPTCHA filter and encrypted communications. The group's builder offers flexibility in payload configuration, and they leverage legitimate tools for file transfers. DragonForce employs a dual extortion strategy and has been observed using specific CVEs for network infiltration. The targeting of Saudi Arabia raises concerns about critical infrastructure security in the region.
OPENCTI LABELS :
ransomware,saudi arabia,raas,construction,dragonforce,real estate,dark web
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
DragonForce Ransomware Group is Targeting Saudi Arabia