2025-02-22 02:07:05 Pacfic
BlackLock Ransomware Group Becomes Prolific Operator - 3d
ReliaQuest researchers are warning that the BlackLock ransomware group is poised to become the most prolific ransomware-as-a-service (RaaS) operation in 2025. BlackLock, also known as El Dorado, first emerged in early 2024 and quickly ascended the ranks of ransomware groups. By the fourth quarter of 2024, it was already the seventh most prolific group based on data leaks, experiencing a massive 1,425% increase in activity compared to the previous quarter.
BlackLock's success is attributed to its active presence and strong reputation within the RAMP forum, a Russian-language platform for ransomware activities. The group is also known for its aggressive recruitment of traffers, initial access brokers, and affiliates. They employ double extortion tactics, encrypting data and exfiltrating sensitive information, threatening to publish it if a ransom is not paid. Their custom-built ransomware targets Windows, VMWare ESXi, and Linux environments.
ImgSrc: www.reliaquest.com
References:
- @AAKL - ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock More: Infosecurity-Magazine: BlackLock On Track to Be 2025’s Most Prolific Ransomwa - 3d
- @nopatience - ReliaQuest Inside the World’s Fastest Rising Ransomware Operator - BlackLock Somewhat of a deep dive into a relatively new RaaS (BlackLock), a very active group both on RAMP and with adding new - 3d
- www.helpnetsecurity.com - BlackLock ransomware onslaught: What to expect and how to fight it - 3d
- www.reliaquest.com - ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock - 3d
- Help Net Security - In-depth analysis of the BlackLock ransomware group and their operational methods. - 3d
- www.infosecurity-magazine.com - ReliaQuest: Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock More: Infosecurity-Magazine: BlackLock On Track to Be 2025’s Most Prolific Ransomwa - 2d
- cyberpress.org - BlackLock Ransomware Evolves: Threatens Windows, VMware ESXi, and Linux Systems - 1d
- gbhackers.com - BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments - 1d
- Cyber Security News - BlackLock Ransomware Evolves: Threatens Windows, VMware ESXi, and Linux Systems - 1d
- GBHackers Security | #1 Globally Trusted Cyber Security News Platform - BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments - 1d
Classification:
- HashTags: BlackLock Ransomware RaaS
- Company: BlackLock
- Target: Potential Victims
- Attacker: ReliaQuest
- Product: RaaS
- Feature: Ransomware-as-a-Service
- Type: Ransomware
- Severity: Major