Threat Actor “DragonForce” Seeks New Partners 

RHC Dark Lab : 27 June 2024 14:11

A recent post on a dark web forum reveals that a cybercriminal group known as “DragonForce” is actively seeking new partners to join their Ransomware-as-a-Service (RaaS) operation. This recruitment drive is aimed at expanding their capabilities by incorporating specialists from various fields, particularly access specialists and pentesters, or teams of pentesters.

Recruitment Details

According to the post, DragonForce is offering an attractive partnership deal to entice skilled individuals and teams:

1. Infrastructure and Tools: Partners will have access to DragonForce’s established infrastructure and advanced tools, which are essential for conducting sophisticated cyber attacks.
2. Revenue Share: The group promises a significant share of the profits, offering 80% of the income generated from their operations, while DragonForce retains only 20%.
3. Advanced Technologies: Partners will benefit from the latest technologies to aid in the execution of their tasks.
4. Automation: DragonForce boasts full automation of all work processes, streamlining operations and increasing efficiency.

Operational Capabilities

The post highlights several key features of DragonForce’s operation that are designed to support their partners:

• Control Panel: They provide a control panel that allows partners to track customer actions in real-time. This includes monitoring the progress of attacks and managing various operational aspects.
• Automated Issuing of Files: The control panel also automates the issuing of necessary files for attacks, reducing the manual workload for partners.
• Testing Scripts: DragonForce offers capabilities for testing scripts, ensuring that partners can validate their tools and techniques before deploying them in real attacks.

Organizational Structure

DragonForce operates with a defined organizational structure, maintaining a hierarchical system to manage their operations. This structure likely helps in coordinating large-scale attacks and ensuring smooth collaboration among different partners and teams.

Conclusion

The recruitment drive by DragonForce highlights the evolving nature of cybercriminal operations, where collaboration and specialization are increasingly becoming the norm. By offering a substantial share of profits and access to advanced tools and infrastructure, DragonForce is positioning itself as an attractive partner for skilled cybercriminals looking to leverage their expertise in a lucrative RaaS model.

As these threat actors continue to refine their operations and expand their networks, it underscores the need for enhanced cybersecurity measures and vigilance to protect against such sophisticated threats.

Note: The details provided in this article are based on a post from a dark web forum and reflect the claims made by the threat actor known as DragonForce.

RHC Dark Lab
RHC Dark Lab is a group of experts from the Red Hot Cyber community dedicated to Cyber Threat Intelligence led by Pietro Melillo. Participating in the collective, Sandro Sana, Alessio Stefan, Raffaela Crisci, Vincenzo Di Lello. Their mission is to spread knowledge about cyber threats to improve the country's awareness and digital defences, involving not only specialists in the field but also ordinary people. The aim is to disseminate Cyber Threat Intelligence concepts to anticipate threats.