Ransomware Intelligence

dragonforce

Ransomware group profile

392Victims
MalaysiaSource country
99Impact score
Also Known As
Water Tambanakua

Description

DragonForce is a politically-motivated hacktivist group known for executing cyber attacks in response to geopolitical events. The group employs tactics such as website defacement, data leaks, and DDoS attacks, often targeting entities they ideologically oppose. Their operations are heavily publicized through social media to gain support and amplify their messages.

Key insights

  • Utilizes website defacement as a tactic to promote political messages.
  • Involved in data leaks and DDoS attacks against targeted entities.
  • Rapidly exploits newly disclosed vulnerabilities for conducting attacks.
  • Employs sophisticated phishing techniques for initial access.
  • Known for leveraging social media platforms to publicize their actions.
  • Uses multi-extortion techniques involving both ransomware and data exposure.
  • Originally emerged as a pro-Palestine group but evolved into a broader hacktivist campaign.

Industries

EducationEnergy & UtilitiesFinancial ServicesGovernment & DefenseHealthcareHospitalityManufacturingOtherProfessional ServicesRetail & E-CommerceTechnologyTransportation

Threat Level & Status Breakdown

For dragonforce · Based on incidents in selected period

2.8threat level
Aggressiveness7/ 10
Lethality0.1/ 10
Criticality1.1/ 10

Status Breakdown

Data Leaked1.3%5
Claimed94.4%370
First seenJun 2025
Last seenJun 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJun 18, 2026

Recent activity

Monthly attack count for dragonforce in the selected period

392Total attacks
65peak in Apr
30.2avg / month
↑ 9 vs first month
JunJulAugSepOctNovDecJanFebMarAprMayJun020406080

Intelligence

IOCs, YARA/Sigma rules, and related families for dragonforce

  1. 85484f00d81ac2e7dad712e67a6fcd10
  2. f0ac3999d4020cd051052a0627a2056d
  3. 4fde7b67da86fdd1587f78254acf9cd6766a7d77
  4. 72231dc69a71f3ac971fa335dc79a04569dd7a09
  5. 39c241a0ad373f13930ba0ca959ef9c1bd6156245a1bd56b8564c03277474707
  6. 88bd49b1bd9c2bde78bc4e394c993035e0fde3ea
  7. 468121e7d6952799f92940677268937c4c5f92ed
  8. b2398a81b5467f75f476a107027b3259
  9. 3b80a13199564e3d8a9d26e14defabee136638f8
  10. 5859e72f41ec951f10a188cc7d250b88
  11. 9b04a93e05ccff94667f04bffa7af600
  12. 203fd36eed61f7c0f9225cf5a824d39a3a891f63c908586801e350f785f0ddca
  13. 33b494eaaa6d7ed75eec74f8c8c866b6c42f59ca72b8517b3d4752c3313e617c
  14. 3e958a16db654e438a3ed3d7e6a3deccc2190eed
  15. 15cd13e0cad20394ec1405748e4bd50e3f27313c6274aee098c4eb0ede970b4c
  16. b7703a59c39a0d2f7ef6422945aaeaaf061431af0533557246397551b8eed505
  17. c7d7f0725df47272a7dd40450ae1e833317ba8f9
  18. 254b7cca40f9e624b21841f60bff0919
  19. 2515b546125d20013237aeadec5873e6438ada611347035358059a77a32c54f5
  20. e45b18c93d187aac5c4486f57483bc87580e15def82a312bfb377ff16eb96b22
  21. 01f1e82d4c2b04a4652348fb18bb480396db2229c4fd22d2be1ea58e6bf4a570
  22. 9f431d5549a03aee92cfd2bdbbe90f1c91e965c99e90a0c9ad5a001f4e80c350
  23. a53a9ca8a074c7108f8412c3f8c1fc5d
  24. 71c50b1e19311185928c4c58ffd061642734ac9edf6a45a232fab407e5915472
  25. 0e477c81be68d8e523783ae46a5502574d481c2d
  26. a7ec88cc08ffa80915f32ac7274218ded88e61c6cda95bedbb8fe9d729ba7495
  27. 2425f7ce87898c69e274daa02c21304f44838eea6521bbf7ffd97427a1f8df2c
  28. 56dfe55b016c08f09dd5a2ab58504b377a3cd66ffba236a5a0539f6e2e39aa71
  29. 5a7c90c0806c846faa58959627a95b816e636e7f
  30. 77962a384d251f0aa8e3008a88f206d6cb1f7401c759c4614e3bfe865e3e985c
  31. ef2cd9ded5532af231e0990feaf2df8fd79dc63f7a677192e17b89ef4adb7dd2
  32. 65d8ba2504cf970adb7ac87a42703e16
  33. 8a4033425d36cd99fe23e6faef9764fbf555f362ebdb5b72379342fbbe4c5531
  34. 168f1b974b31df0889e6dbe75f0fe8486cf932d72f0d6ad8348c97a2e537a738
  35. fd81615d4fec48fee1604a389a95ec4b
  36. 821da79d727351dd67ce5df7950e9a3de6647a3cf474bb3a093f67507fed92a6
  37. c13c49b52069287bbf74b328e6ce084587ec5ffb
  38. 54de95cc33834a2f877ba4842860af27
  39. 770c1dc157226638f8ad1ac9669f4883
  40. 0014e18b7e72bbabd17a8e39c9448563
  41. 930f0dc9929c6097f718b42d1dbad42d0263ffac5d598a81fc6fa1ea1f58c41c
  42. 9e82ee5bde6b5d29281a3c280e6d1f2e
  43. 15e9255a3e3401e5f6578d2ac45b7850
  44. 91025d6f02e542f2e37ffce7d0ce8b51
  45. 259faf2de8195f7f4f41c6bc2deb03e20bce4fcb133342d3cd58124eac37fa18
  46. 103ccb9ba1230b21e4fb360e1f1f99b3a6537c8dfe8eb02e853db4eae891d5a1
  47. 1f5ae3b51b2dbf9419f4b7d51725a49023abc81c
  48. 8ad120e4f3e41849fefa229c9b7d3008
  49. 82794015e2b40cc6e02d3c1d50241465c0cf2c2e4f0a7a2a8f880edaee203724
  50. f35e70c17c3fa2d90502cabe038c116c78600788
  51. 83658959f67c300559196d73ca7cc4abcf344db919601832e5b0dab6e54dceed
  52. 0bec4a243d5ca6180c60f26d49f49db5
  53. 99be93aa4c34b39fedcd37663c34511f
  54. eae67851dc1194cef50ae904f986d5bd
  55. b16e217cdca19e00c1b68bdfb28ead53b20adeabd6edcd91542f9fbf48942877
  56. df5ab9015833023a03f92a797e20196672c1d6525501a9f9a94a45b0904c7403
  57. 1a81b753c9a8a026a1c99de7c920c063560ca165
  58. 6ee94f6bdc4c4ed0fff621fec36c70ff093659ed
  59. c19dbfe279a7bf88adea52a46aeac15687ed3d1e9e5cbfb123af6504c2ef5a0e
  60. 8284c8676cc22c4b2e66826ac16986da7ddecba1f2776b16771be17bfdc45dc2
  61. c969c14c3cfc68289e75a7400758b460
  62. 395f835731d25803a791db984062dd5cfdcade6f95cc5d0f68d359af32f6258d
  63. b47d1618177b6bc219b8734cd02f9cf7be7aff43
  64. 1c09145f4063f989fbabdd6279f8f486
  65. d17f86f27e9db5a5afde517b5173121e
  66. 0143efc2dd05d7ce2a6c1d2672bc86c3b3381f8e
  67. 3928c5874249cc71b2d88e5c0c00989ac394238747bb7638897fc210531b4aab
  68. 11c1cfce546980287e7d3440033191844b5e5e321052d685f4c9ee49937fa688
  69. 47ec51b5f0ede1e70bd66f3f0152f9eb536d534565dbb7fcc3a05f542dbe4428
  70. ad4f0428fc9290791d550eeddf171aff046c4c2c
  71. 06807d8d7282959ce062f92a708d382f
  72. 1406e538fc441e89ce3d1747017f97a5
  73. feab413f86532812efc606c3b3224b7c7080ae4aa167836d7233c262985f888c
  74. 8f31f69f88a75d5faab4f94cfc2ec8a649fe1a24
  75. 949be42310b64320421d5fd6c41f83809e8333825fb936f25530a125664221de
  76. d920c1a909744e206405ec13539ee01c
  77. 39300863bcaad71e5d4efc9a1cae118440aa778f
  78. bc65ed919988c8e4b8f5a1cd371745456601700a
  79. 5d6b9e80e12bfc595d4d26f6afb099b3cb471dd4
  80. c52d46c66d6469877b156e166ca2dbfb72fe90eb
  81. ce31f667580613540d51dfeaf5acbc19
  82. 4c162edf734d12e0d6bfee3b7df9bef7
  83. 6bc8e3505d9f51368ddf323acb6abc49
  84. 9b8dcd2259b64f77cf7769e96f429c60566e42a9759642727ca91f3263bd4fc1
  85. e84270afa3030b48dc9e0c53a35c65aa
  86. 854512af19cba0d1048b9686e3383d9c5a05d316bb6d09cf2af7e93b5f587349
  87. e2bc2361ead7c80eba86a5d1c492865d
  88. 030a1d6fc3cad2d18bb0b00fa5f663eb80fd24fc
  89. e10361a11f8a7f232ac3cb2125c1875a0a69a3e4
  90. c5591d6715ac344f77c25b0418ba4ff82cc565ff44e15466dcb6843b50469d42
  91. 40126b1b3c6f86194fc554cdba3cb5d3
  92. 8d0aed65308fc15f13ab3887739948c9559b9559c9c9a46c12730fd0c825ffe9
  93. 7007cf53bcd0083baba202d8ac2d9070
  94. e1b147aa2efa6849743f570a3aca8390faf4b90aed490a5682816dd9ef10e473
  95. 59bb8cbd471bd6598c8bf830fa9f90574e8b1bae59d90d379dfd91b1390f7a33
  96. 88169b1d4778ed6c5fda97375efb5b9171ea52649c8715bb449801c39bce4ad4
  97. 7310d6399683ba3eb2f695a2071e0e45891d743b
  98. 048e18416177de2ead251abdf4d89837f6807c6aba4d5b1debe49adfdecbf05c
  99. 40df05b4f04ad093b31c9ca07a559be56a700e49f6051b5cb7462db5f85be8c3
  100. ce66b8221446c9b6d83f0ce6382f430e519601641e5daaaf1ca7a8a8806cb0b0
  101. 0f1b1fdd03b95bacb9996a216c4894d6a272c4a7
  102. a9235540208fa6a25614c24a59e19199
  103. ddf23db6881e42e65440c26a208c9175ad705c708f0a5d8426a2636bad79777c
  104. 34a0f4447df3631bc78d53fc97a99503189f8cad
  105. 6cb2e6d24aae57ce7632f9fec4b6c072c2003423
  106. d2939cd18c9072488767520be081fef71d560896c6293b6633cab099fcd238ae
  107. ea8c8f834523886b07d87e85e24f124391d69a738814a0f7c31132b6b712ed65
  108. ce1b9909cef820e5281618a7a0099a27a70643dc
  109. f8286b6ff0cff377ecc69ce844ab3381
  110. 28e95bd7b637bd06f78b6805495190932978cccf
  111. efb642ad3fab4a2e6cb4de829b60e04dd0d9ae7c2b4cf544de28c38f978b4136
  112. d1001ea7b48ba230191b7df9a9a3da1f
  113. 99aa75fa617a3cae5d376f79bbe6a9be3f8f1d51d5db24993142f48769323d7c
  114. cbe4c87b7678d43a230160876d2682f26891c21c
  115. 023d722cbbdd04e3db77de7e6e3cfeabcef21ba5b2f04c3f3a33691801dd45eb
  116. 28df16894a6732919c650cc5a3de94e434a81d80
  117. 2b31fb4d7e7623778a5175bd1716a555b59859047a602eb25238aceb584cc84e
  118. 5038d3bb47718a453d834480aae8d814ab918e88
  119. 9c82ccddbf3d542a48c4950a82b4f5913c7be9c8e757ba5b78f6ed59979b7fa6
  120. 49ed990459486e569cd1428b045baff1e61b86cdeef84a75384b5f7f46bd678e
  121. 7f66722ca40d105e5ba44efd2beb0ca9
  122. 4ec99870a5ca9dbd61744df2235c462799d86f41
View full IOC feed500 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for dragonforce

CVE-2025-6264
CVE-2025-59287
CVE-2025-47176
CVE-2025-47171
CVE-2024-57728
CVE-2024-57727
CVE-2024-57726
CVE-2024-55591
CVE-2024-40766
CVE-2024-37085
CVE-2024-21893
CVE-2024-21887
CVE-2024-21762
CVE-2024-21412
CVE-2024-1709
CVE-2024-1708
CVE-2023-46805
CVE-2023-27997
CVE-2023-20269
CVE-2021-44228
CVE-2021-35464
CVE-2015-2291
Discovery

T1083

File and Directory Discovery

Execution

T1005.002

User Execution

Impact

T1486

Data Encrypted for Impact

Victims(200)

CompanyDomainCountryIndustryStatusDiscovered
Tecfi SpAtecfi.itIT ItalyProfessional Services
Claimed
3 days ago
Inkweareink.co.ukGB United KingdomTechnology
Claimed
5 days ago
Corniche Hotel Abu Dhabiabudhabi.corniche-hotels.comAE United Arab EmiratesHospitality
Claimed
7 days ago
Cheoy Lee ShipyardsHK Hong KongManufacturing
Unknown
7 days ago
Al Ishrak Contractingalishrak.comAE United Arab EmiratesOther
Claimed
7 days ago
The DRMdrm.bhBH BahrainHospitality
Claimed
7 days ago
Al Shafar GRCasgrc.aeAE United Arab EmiratesProfessional Services
Claimed
7 days ago
A. Liberty Engineering Co. Ltdaleengg.com.hkHK Hong KongManufacturing
Claimed
7 days ago
Astec Valves & Fittings Pvtastecflow.comIN IndiaManufacturing
Claimed
8 days ago
Brian Coxbrian-cox.co.ukGB United KingdomOther
Claimed
8 days ago
Cekokcekok.com.trTR TurkeyOther
Claimed
8 days ago
Hong Kong Parkviewhongkongparkview.comHK Hong KongHospitality
Claimed
8 days ago
Arecoareco.seSE SwedenManufacturing
Claimed
8 days ago
Sayre Associatessayreassociates.comUS United StatesProfessional Services
Claimed
10 days ago
REHA-ACTIVreha-activ.deDE GermanyHealthcare
Claimed
14 days ago
SETS Solutionssets.com.lbLB LebanonProfessional Services
Claimed
16 days ago
Copamexcopamex.comMX MexicoOther
Claimed
16 days ago
Synex International Pvt Ltdsynexint.comLK Sri LankaEnergy & Utilities
Claimed
18 days ago
Panorama BPOpanoramabpo.comPH PhilippinesProfessional Services
Claimed
18 days ago
Taos Mountain Casinotaosmountaincasino.comUS United StatesHospitality
Claimed
18 days ago

Page 1 of 10

Affected countries(76)

Countries where this group has been reported to target or leak victims.

🇦🇪United Arab Emirates🇦🇱Albania🇦🇷Argentina🇦🇹Austria🇦🇺Australia🇧🇩Bangladesh🇧🇪Belgium🇧🇬Bulgaria🇧🇭Bahrain🇧🇷Brazil🇨🇦Canada🇨🇭Switzerland🇨🇱Chile🇨🇳China🇨🇴Colombia🇨🇷Costa RicaCuraçao🇨🇾Cyprus🇨🇿Czech Republic🇩🇪Germany🇩🇰Denmark🇩🇴Dominican Republic🇪🇬Egypt🇪🇸Spain🇫🇮Finland🇫🇷France🇬🇧United Kingdom🇬🇷Greece🇬🇹Guatemala🇭🇰Hong Kong🇭🇺Hungary🇮🇩Indonesia🇮🇪Ireland🇮🇱IsraelIsle of Man🇮🇳India🇮🇶IraqIran, Islamic Republic of🇮🇹Italy🇯🇲Jamaica🇯🇵Japan🇱🇧Lebanon🇱🇰Sri Lanka🇱🇺Luxembourg🇲🇦Morocco🇲🇳MongoliaMartinique🇲🇽Mexico🇲🇾Malaysia🇳🇪Niger🇳🇬Nigeria🇳🇱Netherlands🇳🇴Norway🇳🇿New Zealand🇵🇦Panama🇵🇪Peru🇵🇭Philippines🇵🇱PolandPuerto RicoPalestine, State of🇵🇹Portugal🇵🇼PalauRussian Federation🇸🇦Saudi Arabia🇸🇪Sweden🇸🇬Singapore🇸🇰Slovakia🇸🇳Senegal🇹🇭Thailand🇹🇷TurkeyTaiwan, Province of China🇺🇦Ukraine🇺🇸United StatesVenezuela, Bolivarian Republic of🇻🇳Vietnam🇿🇦South Africa