Ransomware Intelligence

dragonforce

Ransomware group profile

392Victims
MalaysiaSource country
101Impact score
Also Known As
Water Tambanakua

Description

DragonForce is a politically-motivated hacktivist group known for executing cyber attacks in response to geopolitical events. The group employs tactics such as website defacement, data leaks, and DDoS attacks, often targeting entities they ideologically oppose. Their operations are heavily publicized through social media to gain support and amplify their messages.

Key insights

  • Utilizes website defacement as a tactic to promote political messages.
  • Involved in data leaks and DDoS attacks against targeted entities.
  • Rapidly exploits newly disclosed vulnerabilities for conducting attacks.
  • Employs sophisticated phishing techniques for initial access.
  • Known for leveraging social media platforms to publicize their actions.
  • Uses multi-extortion techniques involving both ransomware and data exposure.
  • Originally emerged as a pro-Palestine group but evolved into a broader hacktivist campaign.

Industries

EducationEnergy & UtilitiesFinancial ServicesGovernment & DefenseHealthcareHospitalityManufacturingOtherProfessional ServicesRetail & E-CommerceTechnologyTransportation

Threat Level & Status Breakdown

For dragonforce · Based on incidents in selected period

3.9threat level
Aggressiveness10/ 10
Lethality0.1/ 10
Criticality1.3/ 10
First seenJul 2025
Last seenJun 2026
Avg ransom
Payment rate
Statusactive
Sophistication0
Last updatedJun 28, 2026

Recent activity

Monthly attack count for dragonforce in the selected period

392Total attacks
65peak in Apr
32.7avg / month
↑ 2 vs first month
JulAugSepOctNovDecJanFebMarAprMayJun020406080

Intelligence

IOCs, YARA/Sigma rules, and related families for dragonforce

  1. f0ac3999d4020cd051052a0627a2056d
  2. a4566f8bd274ccdd7b0b5f958e1a8097573ad695
  3. 4fde7b67da86fdd1587f78254acf9cd6766a7d77
  4. 72231dc69a71f3ac971fa335dc79a04569dd7a09
  5. 39c241a0ad373f13930ba0ca959ef9c1bd6156245a1bd56b8564c03277474707
  6. 88bd49b1bd9c2bde78bc4e394c993035e0fde3ea
  7. 12500f6c87ce62712a0ed6652c57468d15c14223
  8. 9ddae47ff968343a8c32a5344060257fdc08e2a7bdb9a227c8b3a584ee3c9f1e
  9. 468121e7d6952799f92940677268937c4c5f92ed
  10. b2398a81b5467f75f476a107027b3259
  11. 3b80a13199564e3d8a9d26e14defabee136638f8
  12. 5859e72f41ec951f10a188cc7d250b88
  13. 9b04a93e05ccff94667f04bffa7af600
  14. a11ee9cdc59e5caa59aefd27b30d104f3ad68e62
  15. 203fd36eed61f7c0f9225cf5a824d39a3a891f63c908586801e350f785f0ddca
  16. 33b494eaaa6d7ed75eec74f8c8c866b6c42f59ca72b8517b3d4752c3313e617c
  17. a9deac7dfa66c4fa0d94e448da73c50eb50501de
  18. 3e958a16db654e438a3ed3d7e6a3deccc2190eed
  19. 15cd13e0cad20394ec1405748e4bd50e3f27313c6274aee098c4eb0ede970b4c
  20. b7703a59c39a0d2f7ef6422945aaeaaf061431af0533557246397551b8eed505
  21. c7d7f0725df47272a7dd40450ae1e833317ba8f9
  22. 254b7cca40f9e624b21841f60bff0919
  23. 2515b546125d20013237aeadec5873e6438ada611347035358059a77a32c54f5
  24. e45b18c93d187aac5c4486f57483bc87580e15def82a312bfb377ff16eb96b22
  25. 01f1e82d4c2b04a4652348fb18bb480396db2229c4fd22d2be1ea58e6bf4a570
  26. 9f431d5549a03aee92cfd2bdbbe90f1c91e965c99e90a0c9ad5a001f4e80c350
  27. a53a9ca8a074c7108f8412c3f8c1fc5d
  28. 71c50b1e19311185928c4c58ffd061642734ac9edf6a45a232fab407e5915472
  29. 0e477c81be68d8e523783ae46a5502574d481c2d
  30. 0274b39e79fa142adb154d090fa2d09e
  31. a7ec88cc08ffa80915f32ac7274218ded88e61c6cda95bedbb8fe9d729ba7495
  32. 2425f7ce87898c69e274daa02c21304f44838eea6521bbf7ffd97427a1f8df2c
  33. 56dfe55b016c08f09dd5a2ab58504b377a3cd66ffba236a5a0539f6e2e39aa71
  34. 5a7c90c0806c846faa58959627a95b816e636e7f
  35. 77962a384d251f0aa8e3008a88f206d6cb1f7401c759c4614e3bfe865e3e985c
  36. ef2cd9ded5532af231e0990feaf2df8fd79dc63f7a677192e17b89ef4adb7dd2
  37. 65d8ba2504cf970adb7ac87a42703e16
  38. 8a4033425d36cd99fe23e6faef9764fbf555f362ebdb5b72379342fbbe4c5531
  39. 168f1b974b31df0889e6dbe75f0fe8486cf932d72f0d6ad8348c97a2e537a738
  40. fd81615d4fec48fee1604a389a95ec4b
  41. 821da79d727351dd67ce5df7950e9a3de6647a3cf474bb3a093f67507fed92a6
  42. c13c49b52069287bbf74b328e6ce084587ec5ffb
  43. 9f7080e56d9b33fe8465da4759146655
  44. 54de95cc33834a2f877ba4842860af27
  45. 37f3ca00f78ae98dac11fb0737ed898b
  46. 770c1dc157226638f8ad1ac9669f4883
  47. 0014e18b7e72bbabd17a8e39c9448563
  48. 5aa3124e5c4921e5edfc60133b5d71da21b07da3
  49. 930f0dc9929c6097f718b42d1dbad42d0263ffac5d598a81fc6fa1ea1f58c41c
  50. 9e82ee5bde6b5d29281a3c280e6d1f2e
  51. 15e9255a3e3401e5f6578d2ac45b7850
  52. 91025d6f02e542f2e37ffce7d0ce8b51
  53. 259faf2de8195f7f4f41c6bc2deb03e20bce4fcb133342d3cd58124eac37fa18
  54. 103ccb9ba1230b21e4fb360e1f1f99b3a6537c8dfe8eb02e853db4eae891d5a1
  55. 1f5ae3b51b2dbf9419f4b7d51725a49023abc81c
  56. 8ad120e4f3e41849fefa229c9b7d3008
  57. 82794015e2b40cc6e02d3c1d50241465c0cf2c2e4f0a7a2a8f880edaee203724
  58. f35e70c17c3fa2d90502cabe038c116c78600788
  59. 83658959f67c300559196d73ca7cc4abcf344db919601832e5b0dab6e54dceed
  60. 0bec4a243d5ca6180c60f26d49f49db5
  61. 99be93aa4c34b39fedcd37663c34511f
  62. 966743447745a30c93ffc1cf1e59ec58
  63. eae67851dc1194cef50ae904f986d5bd
  64. b16e217cdca19e00c1b68bdfb28ead53b20adeabd6edcd91542f9fbf48942877
  65. 75590850346c74a95d505ea3f8ff4a75
  66. df5ab9015833023a03f92a797e20196672c1d6525501a9f9a94a45b0904c7403
  67. 1a81b753c9a8a026a1c99de7c920c063560ca165
  68. 6ee94f6bdc4c4ed0fff621fec36c70ff093659ed
  69. 7556ae58c215b8245a43f764f0676c7a8f0fdd1a
  70. 2d91a78e739891c9854c254f5b2a6b84c0e167dfa253466cbccd2cdd1c20145d
  71. c19dbfe279a7bf88adea52a46aeac15687ed3d1e9e5cbfb123af6504c2ef5a0e
  72. 8284c8676cc22c4b2e66826ac16986da7ddecba1f2776b16771be17bfdc45dc2
  73. c969c14c3cfc68289e75a7400758b460
  74. 395f835731d25803a791db984062dd5cfdcade6f95cc5d0f68d359af32f6258d
  75. b47d1618177b6bc219b8734cd02f9cf7be7aff43
  76. 1c09145f4063f989fbabdd6279f8f486
  77. d17f86f27e9db5a5afde517b5173121e
  78. 0143efc2dd05d7ce2a6c1d2672bc86c3b3381f8e
  79. 3928c5874249cc71b2d88e5c0c00989ac394238747bb7638897fc210531b4aab
  80. 11c1cfce546980287e7d3440033191844b5e5e321052d685f4c9ee49937fa688
  81. 47ec51b5f0ede1e70bd66f3f0152f9eb536d534565dbb7fcc3a05f542dbe4428
  82. ad4f0428fc9290791d550eeddf171aff046c4c2c
  83. ba914fe77b177b45799403b16dd14765c510a074
  84. 1406e538fc441e89ce3d1747017f97a5
  85. feab413f86532812efc606c3b3224b7c7080ae4aa167836d7233c262985f888c
  86. 8f31f69f88a75d5faab4f94cfc2ec8a649fe1a24
  87. 949be42310b64320421d5fd6c41f83809e8333825fb936f25530a125664221de
  88. d920c1a909744e206405ec13539ee01c
  89. 8e8f463c37ea7133194731bfe4490e6713dd0133f30fe08a6d069d10fa7db2c6
  90. 39300863bcaad71e5d4efc9a1cae118440aa778f
  91. bc65ed919988c8e4b8f5a1cd371745456601700a
  92. 5d6b9e80e12bfc595d4d26f6afb099b3cb471dd4
  93. c52d46c66d6469877b156e166ca2dbfb72fe90eb
  94. 849ef3cf2c251f6088d735c7b67c3434e915a1d924efecf4d608dbe9bb01928a
  95. ce31f667580613540d51dfeaf5acbc19
  96. 110a5b08b1f83748019545067a69216b
  97. 534bd6b99ed0e40ccbefad1656f03cc56dd9cc3f6d990cd7cb87af4cceebe144
  98. 4c162edf734d12e0d6bfee3b7df9bef7
  99. 6bc8e3505d9f51368ddf323acb6abc49
  100. 9b8dcd2259b64f77cf7769e96f429c60566e42a9759642727ca91f3263bd4fc1
  101. 9f36877ed925f1dc2cf53db235c53b8c
  102. e84270afa3030b48dc9e0c53a35c65aa
  103. f0537cbb773ae12100b36731e7c39f5a9d852b14
  104. 854512af19cba0d1048b9686e3383d9c5a05d316bb6d09cf2af7e93b5f587349
  105. e2bc2361ead7c80eba86a5d1c492865d
  106. 030a1d6fc3cad2d18bb0b00fa5f663eb80fd24fc
  107. 5a1fe9e72e94d4c92b866f1fc167a5bc098b70bb
  108. e10361a11f8a7f232ac3cb2125c1875a0a69a3e4
  109. c5591d6715ac344f77c25b0418ba4ff82cc565ff44e15466dcb6843b50469d42
  110. 40126b1b3c6f86194fc554cdba3cb5d3
  111. 8d0aed65308fc15f13ab3887739948c9559b9559c9c9a46c12730fd0c825ffe9
  112. 7007cf53bcd0083baba202d8ac2d9070
  113. e1b147aa2efa6849743f570a3aca8390faf4b90aed490a5682816dd9ef10e473
  114. 88169b1d4778ed6c5fda97375efb5b9171ea52649c8715bb449801c39bce4ad4
  115. 7310d6399683ba3eb2f695a2071e0e45891d743b
  116. 048e18416177de2ead251abdf4d89837f6807c6aba4d5b1debe49adfdecbf05c
  117. 40df05b4f04ad093b31c9ca07a559be56a700e49f6051b5cb7462db5f85be8c3
  118. ce66b8221446c9b6d83f0ce6382f430e519601641e5daaaf1ca7a8a8806cb0b0
  119. 0f1b1fdd03b95bacb9996a216c4894d6a272c4a7
  120. a9235540208fa6a25614c24a59e19199
  121. d605994fc72a2bb59b5cfb1624a1b9170eca73a2
  122. ddf23db6881e42e65440c26a208c9175ad705c708f0a5d8426a2636bad79777c
  123. 34a0f4447df3631bc78d53fc97a99503189f8cad
  124. 6cb2e6d24aae57ce7632f9fec4b6c072c2003423
  125. 5761bd63da03686fc480245da7bd1e9f
  126. d2939cd18c9072488767520be081fef71d560896c6293b6633cab099fcd238ae
  127. ea8c8f834523886b07d87e85e24f124391d69a738814a0f7c31132b6b712ed65
  128. ce1b9909cef820e5281618a7a0099a27a70643dc
  129. f8286b6ff0cff377ecc69ce844ab3381
  130. 28e95bd7b637bd06f78b6805495190932978cccf
  131. efb642ad3fab4a2e6cb4de829b60e04dd0d9ae7c2b4cf544de28c38f978b4136
  132. d1001ea7b48ba230191b7df9a9a3da1f
  133. 99aa75fa617a3cae5d376f79bbe6a9be3f8f1d51d5db24993142f48769323d7c
  134. cbe4c87b7678d43a230160876d2682f26891c21c
  135. 023d722cbbdd04e3db77de7e6e3cfeabcef21ba5b2f04c3f3a33691801dd45eb
  136. 28df16894a6732919c650cc5a3de94e434a81d80
  137. 2b31fb4d7e7623778a5175bd1716a555b59859047a602eb25238aceb584cc84e
  138. 5038d3bb47718a453d834480aae8d814ab918e88
  139. 9c82ccddbf3d542a48c4950a82b4f5913c7be9c8e757ba5b78f6ed59979b7fa6
View full IOC feed500 total

TTPs & Attack Vectors

Tools, initial access, and MITRE ATT&CK techniques for dragonforce

CVE-2025-6264
CVE-2025-61155
CVE-2025-59287
CVE-2025-47176
CVE-2025-47171
CVE-2025-1055
CVE-2024-57728
CVE-2024-57727
CVE-2024-57726
CVE-2024-55591
CVE-2024-40766
CVE-2024-37085
CVE-2024-21893
CVE-2024-21887
CVE-2024-21762
CVE-2024-21412
CVE-2024-1709
CVE-2024-1708
CVE-2023-52271
CVE-2023-46805
CVE-2023-27997
CVE-2023-20269
CVE-2021-44228
CVE-2021-35464
CVE-2015-2291
Discovery

T1083

File and Directory Discovery

Execution

T1005.002

User Execution

Impact

T1486

Data Encrypted for Impact

Victims(200)

CompanyDomainCountryIndustryStatusDiscovered
vipimagingvipimaging.comUS United StatesHealthcare
Claimed
about 2 hours ago
stni.co.krstni.co.krKR South Korea
Claimed
about 2 hours ago
agroprimeagroprime.comBR BrazilOther
Claimed
about 2 hours ago
hwasenghwaseng.com.twTW Taiwan
Claimed
about 2 hours ago
medipakpharma.commedipakpharma.comPK PakistanHealthcare
Claimed
about 3 hours ago
Aptoraaptora.comUS United StatesTechnology
Data Leaked
3 days ago
mihana-v.commihana-v.comRU RussiaManufacturing
Claimed
7 days ago
bits-pilani.ac.inbits-pilani.ac.inIN IndiaEducation
Claimed
7 days ago
Tecfi SpAtecfi.itIT ItalyProfessional Services
Claimed
13 days ago
Inkweareink.co.ukGB United KingdomTechnology
Claimed
15 days ago
Corniche Hotel Abu Dhabiabudhabi.corniche-hotels.comAE United Arab EmiratesHospitality
Claimed
17 days ago
Cheoy Lee Shipyardscheoylee.comHK Hong KongManufacturing
Unknown
17 days ago
Al Ishrak Contractingalishrak.comAE United Arab EmiratesOther
Claimed
17 days ago
The DRMdrm.bhBH BahrainHospitality
Claimed
17 days ago
Al Shafar GRCasgrc.aeAE United Arab EmiratesProfessional Services
Claimed
17 days ago
A. Liberty Engineering Co. Ltdaleengg.com.hkHK Hong KongManufacturing
Claimed
17 days ago
Astec Valves & Fittings Pvtastecflow.comIN IndiaManufacturing
Claimed
18 days ago
Brian Coxbrian-cox.co.ukGB United KingdomOther
Claimed
18 days ago
Cekokcekok.com.trTR TurkeyOther
Claimed
18 days ago
Hong Kong Parkviewhongkongparkview.comHK Hong KongHospitality
Claimed
18 days ago

Page 1 of 10

Affected countries(76)

Countries where this group has been reported to target or leak victims.

🇦🇪United Arab Emirates🇦🇱Albania🇦🇷Argentina🇦🇹Austria🇦🇺Australia🇧🇩Bangladesh🇧🇪Belgium🇧🇬Bulgaria🇧🇭Bahrain🇧🇷Brazil🇨🇦Canada🇨🇭Switzerland🇨🇱Chile🇨🇳China🇨🇴Colombia🇨🇷Costa RicaCuraçao🇨🇾Cyprus🇨🇿Czech Republic🇩🇪Germany🇩🇰Denmark🇩🇴Dominican Republic🇪🇬Egypt🇪🇸Spain🇫🇮Finland🇫🇷France🇬🇧United Kingdom🇬🇷Greece🇬🇹Guatemala🇭🇰Hong Kong🇭🇺Hungary🇮🇩Indonesia🇮🇪Ireland🇮🇱IsraelIsle of Man🇮🇳India🇮🇶IraqIran, Islamic Republic of🇮🇹Italy🇯🇲Jamaica🇯🇵Japan🇱🇧Lebanon🇱🇰Sri Lanka🇱🇺Luxembourg🇲🇦Morocco🇲🇳MongoliaMartinique🇲🇽Mexico🇲🇾Malaysia🇳🇪Niger🇳🇬Nigeria🇳🇱Netherlands🇳🇴Norway🇳🇿New Zealand🇵🇦Panama🇵🇪Peru🇵🇭Philippines🇵🇱PolandPuerto RicoPalestine, State of🇵🇹Portugal🇵🇼PalauRussian Federation🇸🇦Saudi Arabia🇸🇪Sweden🇸🇬Singapore🇸🇰Slovakia🇸🇳Senegal🇹🇭Thailand🇹🇷TurkeyTaiwan, Province of China🇺🇦Ukraine🇺🇸United StatesVenezuela, Bolivarian Republic of🇻🇳Vietnam🇿🇦South Africa