Update of October 16, 2025: The claims by ReliaQuest, reported below by Security Affairs, have been challenged by SuspectFile. Read the criticism with a statement from Qilin at SuspectFile.
Pierluigi Paganini reports:
Ransomware groups DragonForce, LockBit, and Qilin formed a strategic alliance to enhance their attack capabilities, signaling an evolving cyber threat landscape.
The alliance aims at sharing tools and infrastructure to enhance attack effectiveness. The coalition may restore LockBit’s reputation post-takedown and lead to more frequent ransomware attacks, including on critical infrastructure, echoing past collaborations like the 2020 Maze-LockBit partnership that popularized double extortion tactics.
“This quarter, the newly returned LockBit formed a coalition with prominent RaaS groups DragonForce and Qilin, a partnership poised to drive more frequent and effective ransomware attacks.” reads the report published ReliaQuest. “This alliance could help restore LockBit’s reputation among affiliates following last year’s takedown, potentially triggering a surge in attacks on critical infrastructure and expanding the threat to sectors previously considered low risk.”
Read more at SecurityAffairs.