News
October 09, 2025
3 more infamous cybercrime crews team up to 'maximize income' in 'challenging' ransomware biz
It's hard out there for a crim Following in the footsteps of an earlier unholy alliance between three other cybercrime crews, ransomware-as-a-service giants DragonForce, Qilin, and LockBit claim to be collaborating on ransomware attacks. ...
### 3 more infamous cybercrime crews team up to 'maximize income' in 'challenging' ransomware biz
The already murky waters of the ransomware underworld have just become even more treacherous. In a move echoing a concerning trend, three of the most notorious ransomware-as-a-service (RaaS) operations, DragonForce, Qilin, and LockBit, have announced a collaborative partnership, citing a desire to "maximize income" in what they perceive as an increasingly "challenging" business environment. This alliance follows a similar, earlier union between other cybercriminal groups, signaling a potentially significant shift in the dynamics of the global ransomware landscape.
The implications of this collaboration are far-reaching and deeply concerning for businesses and organizations of all sizes. By pooling their resources, expertise, and victim data, these groups are effectively creating a ransomware super-force, capable of launching more sophisticated and devastating attacks. This partnership allows them to share best practices in infiltration techniques, encryption methods, and negotiation strategies, potentially leading to higher success rates in their malicious endeavors.
Ransomware-as-a-service works by having core developers create the ransomware software and then recruiting "affiliates" to deploy it against targets. The profits are then split between the developers and the affiliates. This model has lowered the barrier to entry for cybercriminals, allowing individuals with limited technical skills to participate in ransomware attacks. Now, with these larger groups joining forces, the risk is amplified.
The motivations behind this collaboration are likely multi-faceted. Experts suggest that increased competition in the ransomware market, coupled with improved defensive measures by organizations and increased law enforcement scrutiny, has made it more difficult for individual groups to operate independently and profitably. By combining their strengths, these groups aim to overcome these challenges and maintain their dominance in the cybercrime ecosystem.
The announcement of this alliance should serve as a stark warning to businesses and organizations worldwide. It is now more critical than ever to implement robust cybersecurity measures, including regular data backups, employee training on phishing awareness, and proactive threat hunting, to mitigate the risk of falling victim to these increasingly sophisticated and coordinated ransomware attacks. Staying ahead of these evolving threats requires constant vigilance and a proactive approach to cybersecurity. The formation of these alliances underscores the need for international cooperation and coordinated efforts to disrupt and dismantle these criminal organizations.
The already murky waters of the ransomware underworld have just become even more treacherous. In a move echoing a concerning trend, three of the most notorious ransomware-as-a-service (RaaS) operations, DragonForce, Qilin, and LockBit, have announced a collaborative partnership, citing a desire to "maximize income" in what they perceive as an increasingly "challenging" business environment. This alliance follows a similar, earlier union between other cybercriminal groups, signaling a potentially significant shift in the dynamics of the global ransomware landscape.
The implications of this collaboration are far-reaching and deeply concerning for businesses and organizations of all sizes. By pooling their resources, expertise, and victim data, these groups are effectively creating a ransomware super-force, capable of launching more sophisticated and devastating attacks. This partnership allows them to share best practices in infiltration techniques, encryption methods, and negotiation strategies, potentially leading to higher success rates in their malicious endeavors.
Ransomware-as-a-service works by having core developers create the ransomware software and then recruiting "affiliates" to deploy it against targets. The profits are then split between the developers and the affiliates. This model has lowered the barrier to entry for cybercriminals, allowing individuals with limited technical skills to participate in ransomware attacks. Now, with these larger groups joining forces, the risk is amplified.
The motivations behind this collaboration are likely multi-faceted. Experts suggest that increased competition in the ransomware market, coupled with improved defensive measures by organizations and increased law enforcement scrutiny, has made it more difficult for individual groups to operate independently and profitably. By combining their strengths, these groups aim to overcome these challenges and maintain their dominance in the cybercrime ecosystem.
The announcement of this alliance should serve as a stark warning to businesses and organizations worldwide. It is now more critical than ever to implement robust cybersecurity measures, including regular data backups, employee training on phishing awareness, and proactive threat hunting, to mitigate the risk of falling victim to these increasingly sophisticated and coordinated ransomware attacks. Staying ahead of these evolving threats requires constant vigilance and a proactive approach to cybersecurity. The formation of these alliances underscores the need for international cooperation and coordinated efforts to disrupt and dismantle these criminal organizations.
Category:
Technology