Ransom & Dark Web Issues Week 2, September 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 2, September 2025 Financial Institution Data from Poland and Central Europe Listed for Sale on DarkForums Gunra Ransomware Targets Korean Manufacturer Emergence of Four New Ransomware Groups: Obscura, Yurei, The Gentlemen, Radar
Ransom & Dark Web Issues Week 1, Sep. 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 1, Sep. 2025 Japan-Based Automotive Company Listed as a New Victim of Ransomware Group Black Nevas Emergence of New Ransomware Groups: Desolator and LunaLock Korean Electronics Parts Manufacturer Targeted by Ransomware Group Gunra
Ransom & Dark Web Issues Week 4, August 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, August 2025 Qilin Targets Japanese Automotive Design Firm in Ransomware Attack Attempt to Sell South Korean Local Government Data on DarkForums Raises Credibility Concerns Emerging Ransomware Group Cephalus Hits at Least 9 Organizations, Reveals Victims via
Ransom & Dark Web Issues Week 3, August 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, August 2025 WARLOCK launched a ransomware attack targeting a telecommunications provider in France. The pro-Israeli hacktivist group “313 Team” claims to have conducted DDoS attacks against nine institutions in Saudi Arabia. Qilin carried out
Ransom & Dark Web Issues Week 2, August 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 2, August 2025 Ransomware Group ‘World Leaks’ Claims Attack on U.S. Defense Contractors Ongoing Identity Data Leaks Target Hotels in Montecatini, Rimini, Milan, and Bardonecchia, Italy New Cyber Threat Group Emerges: Scattered Lapsus$ Hunters
Ransom & Dark Web Issues Week 1, August 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 1, August 2025 Emergence of New Ransomware Groups: BQTLock, Pear, and Black Nevas Increase in Cyberattacks Targeting South Korea [1], [2], [3] Ongoing Identity Information Leaks Targeting Hotels in Europe [1], [2], [3], [4]
Ransom & Dark Web Issues Week 5, July 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 5, July 2025 Reemergence of the Shut-Down Cybercrime Forum BreachForums Two Data Listings from South Korea by the Same Threat Actor Sequential Attacks: French Telecom Subsidiary Breach Leads to Parent Company Compromise
Ransom & Dark Web Issues Week 4, July 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, July 2025 Pro-Russian Hacktivist Group NoName057(16) Launches DDoS Attack on Europol Website Data from French Defense Contractor for Sale on DarkForums XSS Forum Shutdown: Analyzing the Impact on the Russian-Speaking Cybercrime Ecosystem
Ransom & Dark Web Issues Week 3, July 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, July 2025 Data from Indonesian government agencies leaked on DarkForums. User data from a Korean portal site was sold on a cybercrime forum. A multinational investigation, Operation Eastwood, was launched targeting the pro-Russian hacktivist group NoName057(16).
Ransom & Dark Web Issues Week 2, July 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 2, July 2025 Announcement of the shutdown and rebranding of the ransomware group Hunters International Emergence of multiple new ransomware groups and rebrands, DLS renewal and reactivation Sudden shutdown announcement alongside the ransomware group SatanLock

