DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year

DragonForce, a ransomware group first identified in fall 2023, has claimed over 120 victims in the past year, marking its rapid ascent as a formidable player in the ransomware ecosystem.

Initially operating under a Ransomware-as-a-Service (RaaS) model, DragonForce has since pivoted to a ransomware cartel structure, as announced in March 2025 on its data leak site.

This strategic shift, coupled with its expanding affiliate network and tactical partnerships, positions DragonForce as a critical threat to monitor in 2025.

A Rising Threat in the Ransomware Ecosystem

The group has targeted organizations across diverse industries, including manufacturing, construction, technology, healthcare, and retail, in countries such as the United States, Italy, and Australia.

Their encryptors target Windows, Linux, and ESXi environments, demonstrating a versatile and sophisticated attack arsenal.

DragonForce’s operational tactics reveal a calculated approach to maximize impact and ...