Tag: raas
Cybercrime recruitment drive targets English-speaking teens
The most in-demand skill on cybercrime recruiting sites is English-speaking social engineering. According to cybersecurity company Reliaquest, job posts more than doubling from 2024 to 2025, with recruiters accounting for 87 percent of these postings, indicating strong demand.
Cybercrime Kills
A patient’s death following a cyber-attack on the UK health sector by ransomware group Qilin has now been reported. The death has been confirmed by King's College Hospital NHS Foundation Trust. It has been attributed to a long wait for a blood test as a result of a cyber-attack on 3 June last year, which brought pathology services to a temporary standstill. IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack carried out by Qilin. The hospitals affected were Guy's and St Thomas', King's College, and Lewisham and Greenwich, along with primary care facilities across six London boroughs and two mental health trusts.
Ransomware group offers cyber gangs legal advice
A new cybercriminal group, Qilin, is rapidly establishing dominance in the murky world of ransomware by providing not just ransomware-as-a-service (RaaS) but a full soup-to-nuts cybercrime service .In addition to the malware, Qilin also provides a full suite of legal guidance for criminals together with operational and storage features. According cybersecurity company, Cybereason, Qilin is positioning itself not just as a ransomware group, but as a full cybercrime service.
Teenage hackers run rings around cyber-defenses
The recent UK retail cyberattacks that impacted Marks & Spencer and the Co-Op supermarket chain are only the tip of a very large iceberg that now threatens organizations on both sides of the Atlantic. Although media reports have attributed the attacks to a group named “Scattered Spider,” the actual threat is far bigger. For a start, there is no criminal group that actually calls itself “Scattered Spider”, which is just a made-up name attributed by cybersecurity researchers. These attacks and many others in the US and the UK are now known to be the work of a vast sprawling network of hackers, some as young as 14, spread across the US and the UK. They call themselves “the Community”, or “the Com” for short, and are essentially a vast teenage subculture of criminal hackers.
New ransomware threat emerges in 2025
A new and unusually dangerous and sophisticated gang of cybercriminals, named BlackLock, has emerged as a major ransomware threat in 2025. Cybersecurity company Reliaquest observed a staggering 1,425 percent increase in the gang’s activities in the last quarter of 2024. Its ransomware is built to target Windows, VMWare ESXi, and Linux environments and is designed as a double-extortion attack, which involves not only locking the target organization’s critical data by encrypting it, but also by identifying sensitive information and threatening to expose it. “BlackLock’s rise has been both swift and strategic, targeting organizations across a wide range of sectors and geographies,” reports Reliaquest.
‘Hellcat’ is new breed of cybercriminal
A ransomware gang, Hellcat, that emerged in 2024 is being seen as representative of a new type of threat actor using off-the-shelf malware and innovative extortion techniques. According to cybersecurity company Cato Networks: “Hellcat’s emergence in 2024 marks a troubling shift in the landscape of cybercrime. By leveraging a ransomware-as-a-service (RaaS) model and utilizing double extortion tactics, Hellcat has not only increased the accessibility of ransomware but also heightened the psychological impact on its victims.”
AI enables ransomware boom
A new ransomware group, named Funksec, is the latest example of relatively inexperienced cybercriminals using AI to develop weaponized malware. The group claims that over 85 organizations fell victim to its ransomware attacks in December alone, potentially surpassing every other ransomware group in terms of victim numbers. According to Check Point Research: “FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools…Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs.”
Ransomware payments top US$1 billion in 2023
Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments. “This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.
BlackCat turns to ‘Munchkin’ to advance hacker operations – October 23rd
The BlackCat ransomware group has employed the use of a new tool, called Munchkin, making the Ransomware-as-a-Service (Raas) operation more attractive to potential affiliates. This is because Munchkin allows for the use of remote systems to deploy encryptors on network devices. After violating a device's security, the threat actors are able to install something called a VirtualBox, which enhances their ability to propagate a malicious payload across victim networks.