RansomHub outage takes Group-IB researchers by surprise https://t.co/IR5GAbkeud
Prolific RansomHub Operation Goes Dark: https://t.co/fVyimi6uUf by darkreading #infosec #cybersecurity #technology #news
Phishers Take Advantage of Iberian Blackout Before It's Even Over: https://t.co/r69jdGTaVO by darkreading #infosec #cybersecurity #technology #news
RansomHub, a prominent ransomware-as-a-service (RaaS) operation responsible for stealing data from over 200 victims, abruptly went offline on April 1, 2025. This unexpected disappearance caused concern among its affiliates, many of whom migrated to rival groups such as Qilin and DragonForce, with the latter claiming control over RansomHub's operations. The outage surprised cybersecurity researchers at Group-IB and contributed to ongoing fragmentation within the RaaS market. Meanwhile, RansomHub had been refining its extortion strategies prior to going dark. Additionally, the Iberian blackout incident has been exploited by phishers, further complicating the cybersecurity landscape.