CyberSecurity news

FlagThis

do son@securityonline.info //

FunkSec Ransomware Group Uses AI for Attacks

FunkSec, a new ransomware group, has quickly risen to prominence since late 2024, claiming over 85 victims in its first month, more than any other group during the same period. This four-member team operates as a ransomware-as-a-service (RaaS), but has no established connections to other ransomware networks. FunkSec uses a blend of financial and ideological motivations, targeting governments and corporations in the USA, India and Israel while also aligning with some hacktivist causes, creating a complex operational profile. The group employs double extortion tactics, breaching databases and selling access to compromised websites.



A key aspect of FunkSec's operations is their use of AI to enhance their tools, such as developing malware, creating phishing templates, and even a chatbot for malicious activities. The group developed a proprietary AI tool called WormGPT for desktop use. Their ransomware is advanced using multiple encryption methods, and is able to disable protection mechanisms while gaining administrator privileges. They claim that AI contributes to only about 20% of their operations; despite their technical capabilities sometimes revealing inexperience, the rapid iteration of their tools suggests the AI assistance lowers the barrier for new actors in cybercrime.

Original img attribution: https://securityonline.info/wp-content/uploads/2024/11/hacker-8018467_1280.png
ImgSrc: securityonline.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • : Check Point Research : The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month.
  • malware.news: Malware News article about FunkSec.
  • research.checkpoint.com: FunkSec – Alleged Top Ransomware Group Powered by AI
  • The Hacker News: AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics
  • osint10x.com: New amateurish ransomware group FunkSec using AI to develop malware
  • securityonline.info: FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and Hacktivism
  • securityonline.info: SecurityOnline article on FunkSec.
  • osint10x.com: Threat Actor Interview: Spotlighting on Funksec Ransomware Group
  • training.invokere.com: FunkSec – Alleged Top Ransomware Group Powered by AI
  • Osint10x: Threat Actor Interview: Spotlighting on Funksec Ransomware Group
  • blog.checkpoint.com: Meet FunkSec: A New, Surprising Ransomware Group, Powered by AI
  • Virus Bulletin: Check Point researchers explore FunkSec’s ties to hacktivist activity and provide an in-depth analysis of the group’s public operations and tools, including a custom encryptor.
  • ciso2ciso.com: New Ransomware Group Uses AI to Develop Nefarious Tools – Source: www.infosecurity-magazine.com
  • www.the420.in: First AI-Driven Ransomware ‘FunkSec’ Claims Over 80 Victims in December 2024
  • ciso2ciso.com: Inexperienced actors developed the FunkSec ransomware using AI tools – Source: securityaffairs.com
Classification:
  • HashTags: #FunkSec #Ransomware #Hacktivism
  • Target: Various organizations
  • Attacker: FunkSec
  • Feature: Ransomware
  • Malware: Custom Encryptor
  • Type: Ransomware
  • Severity: Medium