A number of new cyber gangs have emerged since 2025, and they are changing the landscape.Groups such as Meow (The disruptive behaviors of the group make it a serious cyber threat), KillSec (A RaaS group with ties to Russia,the group targets the healthcare and financial industries and uses affiliates and OSINT to extort),DragonForce(Rapidly becoming a major threat in the realm of cybercrime using a twofold extortion tactic,this group, a Ransomware-as-a-Service (RaaS), encrypts victims’ data and threatens to post the stolen information on the dark web),Cicada3301(Using advanced encryption techniques,this new ransomware group targets Windows and Linux/ESXi computers) have entered the cyber crime world with innovative strategies and a vigorous disruption strategy.
More dispersed, these gangs are more difficult to track down, and they frequently combine ideological goals with financially driven attacks.Others use the pretense of hacktivism to target corporations and governments in order to make political statements as well as demand ransom.
With 531 victims, RansomHub emerged as 2024’s most prevalent ransomware group.Ransomware payloads created by AI are already being used by groups like FunkSec, which cuts down on the time and expertise required to launch attacks.Early in April 2024,Fog ransomware appeared, using stolen VPN credentials to target school networks in the United States.Lynx is a ransomware group that uses double-extortion.Ailock, Belsen Group, CrazyHunter, Cs-137, D0Glun, GD LockerSec, Linkc, NightSpire, Ox Thief, Run Some Wares, SECP0, Sonshi,VanHelsing are some of the new ransomware groups that have been active since the beginning of 2025.It is estimated that the Akira ransomware group has attacked more than 300 businesses worldwide, making it one of the most active and sophisticated ransomware groups.
