Saturday, 7 June 2025

 🌐 Global Cybercrime Gangs Threatening Security





Clop – A prolific Russian-speaking ransomware gang responsible for multilevel extortion using “encryption-less ransomware.” Since 2019, Clop has extorted over $500 million, targeting major organizations worldwide via phishing campaigns and zero‑day exploits, including the MOVEit breach that affected high‑profile targets such as the BBC and Shell.


Lazarus Group – The North Korea–linked APT38 is infamous for large-scale financial cyberattacks. Recent operations include the massive 2022 crypto‑heists from Axie Infinity ($100 M). Lazarus now also conducts espionage and malware attacks on global financial and gaming platforms.


SilverTerrier – A Nigeria-based syndicate of over 400 actors executing business email compromise (BEC) scams worldwide. Since 2014, they’ve sent tens of thousands of fraudulent requests, compromising thousands of organizations and causing massive financial losses.


BlackCat (ALPHV) – A top-tier ransomware-as-a-service (RaaS) operator with origins tied to DarkSide/BlackMatter. Since 2021–22, they’ve extorted universities, energy utilities, and transportation companies globally by leveraging sophisticated malware and money‑laundering methods.


LAPSUS$ – A small but bold extortion group formed in 2021. Using social engineering, SIM‑swap, and MFA‑fatigue tactics, they breached major tech firms including Microsoft, NVIDIA, and Samsung. Teenage perpetrators were arrested in Brazil and the UK.


Qilin – An emerging Russian-speaking ransomware gang behind Agenda ransomware. Known for striking hospitals in London and other regions, Qilin lets its affiliates keep ~80–85% of ransom payouts, signifying a sharp rise in affiliate-based criminal models.
