ICIC
MY

DragonForce

Medium ConfidenceMedium Threat

DragonForce Malaysia

DragonForce is a ransomware operation that emerged in 2023, targeting organizations across various sectors with double extortion tactics. The group operates a ransomware-as-a-service model and maintains a data leak site for publishing stolen information. DragonForce has targeted healthcare, manufacturing, and technology organizations, demonstrating sophisticated capabilities in network penetration and data exfiltration.

Origin: Malaysia
Sponsor: Hacktivist (No State Sponsor)
Active: 2021 - Present
Victims: 50+ organizations
Advanced
Active
HacktivismFinancial Gain
Risk Assessment
59
Composite Risk Score
Medium Risk
ARCS Compliance55
Escalation Risk60
Grievance Index70
Infrastructure Impact50
History & Evolution

DragonForce is a ransomware operation that emerged in 2023, targeting organizations across various sectors with double extortion tactics. The group operates a ransomware-as-a-service model and maintains a data leak site for publishing stolen information. DragonForce has targeted healthcare, manufacturing, and technology organizations, demonstrating sophisticated capabilities in network penetration and data exfiltration.

Targeting

Target Sectors

GovernmentTechnologyMedia

Target Regions

Southeast AsiaMiddle EastGlobal
Attribution & Affiliations

Attributed to Hacktivist (No State Sponsor) (Malaysia). Attribution confidence: Medium.

Intelligence Assessment
Medium
Threat Level
Moderately
Targeting
Moderately
Adaptability
Medium
Persistence
Continuous
Op Tempo
Active
Status

Future Outlook

DragonForce is expected to continue operations targeting Government sectors.

Timeline of Key Events
2021
Major

First observed activity of DragonForce

2024
Moderate

Continued active operations