March 2026 Dark Web Threat Actor Trends Report
Alerts this report is a compilation of trends centered on hacktivists operating on the deep web and dark web. some alleged attacks are labeled as observations due to limited independent technical verification. Major Issues Handala’s multi-pronged offensive stood out. The group used a combination of psychological warfare and subversive attacks,
Ransom & Dark Web Issues Week 4, December 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, December 2025 Denmark points to Russia-linked actors as behind destructive attacks on water facilities and large-scale pre- and post-election DDoS campaigns Customer data of a Japanese automaker leaked following a breach at a U.S. software
Ransom & Dark Web Issues Week 2, December 2025
ASEC Blog publishes Ransom & Dark Web Issues Weeks 2, December 2025. Source code from a South Korean camping reservation platform sold on DarkForums LockBit 5.0 targets 25 companies worldwide with ransomware attack Agencies from USA and Europe escalate pressure on pro-Russian hacktivists
Ransom & Dark Web Issues Week 3, October 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, October 2025 New ransomware groups Kyber, Nasir Security, Kryptos, Tengu, and VFVCT (V For Vendetta Cyber Team) have emerged. Data from a South Korean website-building platform is being sold on the cybercrime forum DarkForums.
Ransom & Dark Web Issues Week 3, August 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, August 2025 WARLOCK launched a ransomware attack targeting a telecommunications provider in France. The pro-Israeli hacktivist group “313 Team” claims to have conducted DDoS attacks against nine institutions in Saudi Arabia. Qilin carried out
Ransom & Dark Web Issues Week 3, July 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, July 2025 Data from Indonesian government agencies leaked on DarkForums. User data from a Korean portal site was sold on a cybercrime forum. A multinational investigation, Operation Eastwood, was launched targeting the pro-Russian hacktivist group NoName057(16).
May 2025 Deep Web and Dark Web Trends Report
Disclaimer This trend report on the deep web and dark web of May 2025 is sectioned into Ransomware, Data Breach, DarkWeb, CyberAttack, and Threat Actor. Please note that there are some parts of the content that cannot be verified for accuracy. Key Issue 1) Ransomware
Ransom & Dark Web Issues Week 3, May 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, May 2025 Pro-Russian hacktivist group Killnet announces resumption of activities. Ransomware group HellCat shuts down operations. Hacktivist group Team 1722 claims responsibility for website hacks and data leaks targeting several South Korean
Ransom & Dark Web Issues Week 1, May 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 1, May 2025 The new ransomware group Silent Team, which operates anonymously, claims attacks on three companies based in the US and Japan. The new ransomware group Gunra claims attacks on four companies across
Ransom & Dark Web Issues Week 3, March 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, March 2025 New RaaS platform VanHelsing Locker being promoted on dark web forums Pro-Palestinian hacktivist group RipperSec claims to have hacked SCADA systems of Korea Electric Power Technology and Dairy Promotion Board, among others Hacktivist
