CyberSecurity news

FlagThis

@www.reliaquest.com //
ReliaQuest researchers are warning that the BlackLock ransomware group is poised to become the most prolific ransomware-as-a-service (RaaS) operation in 2025. BlackLock, also known as El Dorado, first emerged in early 2024 and quickly ascended the ranks of ransomware groups. By the fourth quarter of 2024, it was already the seventh most prolific group based on data leaks, experiencing a massive 1,425% increase in activity compared to the previous quarter.

BlackLock's success is attributed to its active presence and strong reputation within the RAMP forum, a Russian-language platform for ransomware activities. The group is also known for its aggressive recruitment of traffers, initial access brokers, and affiliates. They employ double extortion tactics, encrypting data and exfiltrating sensitive information, threatening to publish it if a ransom is not paid. Their custom-built ransomware targets Windows, VMWare ESXi, and Linux environments.
Original img attribution: https://www.reliaquest.com/wp-content/uploads/2025/02/021825-blacklock-blog-header-512x354@2x.png
ImgSrc: www.reliaquest.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • AAKL: ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock More: Infosecurity-Magazine: BlackLock On Track to Be 2025’s Most Prolific Ransomware Group
  • Christoffer S.: ReliaQuest Inside the World’s Fastest Rising Ransomware Operator - BlackLock Somewhat of a deep dive into a relatively new RaaS (BlackLock), a very active group both on RAMP and with adding new victims to their leaksite.
  • www.helpnetsecurity.com: BlackLock ransomware onslaught: What to expect and how to fight it
  • www.reliaquest.com: ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock
  • Help Net Security: In-depth analysis of the BlackLock ransomware group and their operational methods.
  • www.infosecurity-magazine.com: ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock More: Infosecurity-Magazine: BlackLock On Track to Be 2025’s Most Prolific Ransomware Group
  • cyberpress.org: BlackLock Ransomware Evolves: Threatens Windows, VMware ESXi, and Linux Systems
  • gbhackers.com: BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments
  • Cyber Security News: BlackLock Ransomware Evolves: Threatens Windows, VMware ESXi, and Linux Systems
  • gbhackers.com: BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments
Classification: