Ransomware is Utilizing AI for Extortion and Data Brokering - Velox Systems

The Targets of FunkSec

FunkSec primarily targets victims in the U.S., India, Italy, Brazil, Israel, Spain, and Mongolia. Analysts suggest the group consists of novice actors aiming for notoriety by repurposing data from previous hacktivist leaks.

Key figures linked to FunkSec include:

  • Scorpion (aka DesertStorm): Algeria-based, promoted FunkSec on underground forums.
  • El_farado: Emerged as a key promoter after DesertStorm’s forum ban.
  • XTN: Likely involved in an unknown “data-sorting” service.
  • Blako: Tagged by DesertStorm and connected to El_farado.
  • Bjorka: Indonesian hacktivist alias tied to FunkSec leaks, potentially indicating affiliation or impersonation.

The Dangers and Motivations of FunkSec

FunkSec’s ransomware tools, likely developed with AI assistance, are iterated rapidly despite the creators’ limited technical expertise. The malware encrypts files after elevating privileges, disabling security measures, deleting backups, and terminating specific processes.
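Three of the pre-encryption behaviours described above (disabling security measures, deleting backups, terminating processes) can be hunted for as a burst on a single host. The sketch below is an added example, not code from this article or from Check Point. The log format, host names and command-line patterns are constructed assumptions based on common Windows utilities, not FunkSec indicators.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Generic command-line patterns per behaviour (assumed for illustration;
# tune to your own telemetry, these are not FunkSec-specific indicators).
BEHAVIOURS = {
    "backup_deletion": re.compile(
        r"\bvssadmin(\.exe)?\s+delete\s+shadows|\bwbadmin(\.exe)?\s+delete\s+catalog"
        r"|\bshadowcopy\s+delete", re.I),
    "defense_tampering": re.compile(
        r"Set-MpPreference\s+.*-Disable\w+\s+(\$true|1)"
        r"|\bsc(\.exe)?\s+(stop|config)\s+WinDefend", re.I),
    "process_termination": re.compile(r"\btaskkill(\.exe)?\s+.*/f\b", re.I),
}

# Constructed process-creation events: "<ISO timestamp> <host> <command line>"
SAMPLE_EVENTS = """\
2025-01-10T09:14:02 WS-014 powershell.exe Set-MpPreference -DisableRealtimeMonitoring $true
2025-01-10T09:14:40 WS-014 taskkill /F /IM sqlservr.exe
2025-01-10T09:15:11 WS-014 vssadmin.exe delete shadows /all /quiet
2025-01-10T09:20:00 WS-022 taskkill /F /IM chrome.exe
2025-01-10T07:55:00 SRV-003 vssadmin.exe list shadows
2025-01-10T08:00:00 SRV-003 wbadmin delete catalog -quiet
2025-01-10T11:30:00 SRV-003 sc.exe stop WinDefend
"""

def classify(cmdline):
    """Return the set of behaviour names a command line matches."""
    return {name for name, rx in BEHAVIOURS.items() if rx.search(cmdline)}

def detect(log_text, window=timedelta(minutes=5), min_behaviours=2):
    """Flag hosts showing >= min_behaviours distinct behaviours inside one window."""
    per_host = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) < 3:
            continue  # skip blank or malformed lines
        ts, host, cmd = parts
        for behaviour in classify(cmd):
            per_host[host].append((datetime.fromisoformat(ts), behaviour))
    alerts = {}
    for host, hits in per_host.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            seen = {b for t, b in hits[i:] if t - start <= window}
            if len(seen) >= min_behaviours and len(seen) > len(alerts.get(host, ())):
                alerts[host] = seen  # keep the widest burst found for this host
    return {host: sorted(seen) for host, seen in alerts.items()}
```

A single `taskkill` or a shadow-copy listing is routine administration, so only the combination inside a short window raises an alert; widening `window` trades fewer misses for more noise.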

“Driven by political and financial motives, FunkSec leverages AI and old data leaks to create a disruptive ransomware brand,” Check Point stated.

What Your Organization Can Do

Ransomware is utilizing AI for extortion and data brokering. AI enables attackers with minimal technical expertise to infiltrate organizations, causing potentially catastrophic damage. Unfortunately, groups like FunkSec are likely to emerge rapidly. The good news? You can defend against them.

A robust cybersecurity program with a well-trained team is essential in today’s evolving threat landscape. No matter your location, remote cybersecurity solutions can protect your organization, staying one step ahead of threats like FunkSec. Want to learn how to strengthen your defenses? Let’s talk!