Connect with us

Cyber Security

Meet FunkSec: a New, Surprising Ransomware Group, Powered by AI

Published

on

Check Point Research (CPR) has been analyzing this emerging group, which claims to heavily target the United States. Here’s what organizations need to know: The FunkSec ransomware group first emerged publicly in late 2024, and rapidly gained prominence by publishing over 85 claimed victims—more than any other ransomware group in December. Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec favours double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms. FunkSec appears to have no known connections to previously identified ransomware gangs, and little information is currently available about its origins or operations.

CPR’s analysis indicates that the high number of published victims may mask a more modest reality, both in terms of actual victims as well as the group’s level of expertise. Most of FunkSec’s core operations are likely conducted by inexperienced actors, with the support of AI. In addition, it is difficult to verify the authenticity of the leaked information as the group’s primary goal appears to be to gain visibility and recognition. Evidence suggests that in some instances, the leaked information was recycled from previous hacktivist-related leaks, raising questions about its authenticity.

Additionally, FunkSec has ties to hacktivist activity, with members operating in Algeria. This highlights the increasingly blurred line between hacktivism and cybercrime, emphasizing the challenges in distinguishing one from the other. Whether such a distinction genuinely exists—or whether the operators are even aware of or concerned with defining it—remains uncertain.

More importantly, it also calls into question the reliability of current methods for assessing the risk posed by ransomware groups, especially when those assessments rely on the public claims of the actors themselves. A closer analysis of FunkSec’s activities and DarkWeb discussions offers some tantalizing hints about the group, namely that their motivations seem to straddle the line between hacktivism and cybercrime.

Continue Reading

Cyber Security

Cybersecurity has Gained Significant Traction in the Region

Published

on

Fernando Cea, the VP of Technology for New Markets at Globant, says 45% of business leaders prioritise cyber risk management in the region, surpassing the global average of 43% (more…)

Continue Reading

Cyber Security

A Reliable Data Backup Strategy is Very Important

Published

on

Sertan Selcuk, the Vice President of METAP and CIS Regions at OPSWAT says hackers are now targeting third-party vendors—companies that have access to critical infrastructure but often have less robust security measures (more…)

Continue Reading

Cyber Security

Cloud and IoT Vulnerabilities Expose Smart Cities and Industrial Systems to Cyber Risks

Published

on

Ezzeldin Husein, the Regional Senior Director for Solution Engineering – META at SentinelOne says cyberattacks on MEA’s critical infrastructure are becoming more sophisticated, with nation-state actors, ransomware gangs, and hacktivists targeting energy, finance, and transportation sectors (more…)

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.