BlackLock On Track to Be 2025's Most Prolific Ransomware Group | Infosecurity Magazine
UK/EMEA News Reporter, Infosecurity Magazine

Security researchers have lifted the lid on one of the fastest-growing and most formidable ransomware-as-a-service (RaaS) groups of 2025.

Dubbed BlackLock (aka El Dorado or Eldorado), the RaaS outfit has been around since March 2024 and increased its number of data leak posts by a staggering 1,425% quarter-on-quarter in Q4 of last year, according to ReliaQuest.

The threat intelligence vendor claimed that BlackLock could become the most active RaaS group of 2025.

Although, like many other variants, it uses double extortion tactics and targets Windows, VMware ESXi and Linux environments, there are other characteristics that set it apart.

These include:

ReliaQuest's research also revealed that while most RaaS operators delegate early-stage tasks to affiliates, BlackLock likes to maintain control, something that has likely helped fuel its rapid rise.

"BlackLock actively recruits key players known as 'traffers' to support the early stages of ransomware attacks. These individuals drive malicious traffic, steer victims to harmful content and help establish initial access for campaigns. Recruitment posts for traffers explicitly outline requirements, signaling BlackLock's urgency to bring on candidates quickly, often prioritizing speed over operational security," the report explained.

"In contrast, posts seeking higher-level developer and programmer roles are far more discreet, with details and resumes shared privately instead. These roles likely involve greater trust, higher compensation and long-term commitment, making the recruitment process more delicate."

ReliaQuest warned that the group may be planning to exploit Microsoft Entra Connect synchronization mechanics in a bid to compromise on-premises environments this year.

It urged organizations using the feature to harden attribute synchronization rules, monitor and restrict key registrations, and enforce conditional access policies.

Other best practice advice for network defenders includes enabling multi-factor authentication (MFA), disabling Remote Desktop Protocol (RDP) on systems that do not need it, configuring ESXi hosts to enable strict lockdown mode, restricting network access, and disabling other unnecessary services (e.g. SNMP, vMotion).