Summary: A new Ransomware-as-a-Service player, Dragon RaaS, combines political hacktivism with opportunistic cybercrime, targeting organizations with weak security. It emerged as a splinter group from the Stormous ransomware gang and is affiliated with various cybercrime syndicates. Dragon RaaS’s operations focus on defacement attacks and ransomware extortion, utilizing a rebranded version of existing ransomware techniques.
Affected: Organizations with weak security postures globally, including the U.S., U.K., Israel, France, Yemen, and Ukraine
Keypoints :
- Dragon RaaS began in July 2024 and is linked to the notorious Stormous gang.
- It capitalizes on vulnerabilities in WordPress, LiteSpeed servers, and cPanel instances to gain initial access.
- The group’s defacement of websites and social media presence is prominent, often overshadowing actual ransomware extortion efforts.