Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
2026-3-26 15:45:45 Author: therecord.media

A pro-Ukrainian hacker group known as Bearlyfy has carried out more than 70 cyberattacks against Russian companies over the past year and is now escalating its campaign with newly developed ransomware tools, researchers have found.

Bearlyfy first appeared in January 2025 and initially targeted smaller Russian businesses. In its early operations, the attackers showed limited skills and demanded modest ransoms of only a few thousand dollars, according to a report by the Russian cybersecurity firm F6.

“Within a year this group has become a real nightmare for large Russian businesses,” researchers said, adding that the group’s ransom demands in recent attacks have grown to hundreds of thousands of dollars.

According to the researchers, the group’s primary goals are both financial and political. They appear to be causing “maximum damage” to Russian companies while also generating revenue through ransomware payments.

F6 estimates that roughly one in five victims ultimately pays the ransom.

The group has recently begun deploying its own malware, marking a new stage in its operations. Since early March, Bearlyfy has used a custom-built Windows ransomware strain known as GenieLocker, which researchers believe was developed by the group itself.

Unlike many ransomware operations, Bearlyfy’s malware does not always automatically generate ransom notes. Instead, attackers sometimes create their own messages manually, ranging from short instructions with contact details to longer messages mocking the victim company.

Earlier Bearlyfy attacks relied heavily on existing ransomware tools derived from leaked code. For example, Bearlyfy often used LockBit 3 Black, created with a builder for the LockBit ransomware-as-a-service platform that leaked online in 2022. On Linux systems, the group deployed a modified version of the Babuk ransomware based on publicly leaked source code.

F6 has also observed collaboration between Bearlyfy and other, more experienced pro-Ukrainian groups, such as Head Mare, although the group has maintained its own distinct operational style, researchers said.

Western researchers have not reported on Bearlyfy’s activity, likely because many lack visibility into Russian networks.


Source: https://therecord.media/ransomware-ukraine-russia-bearlyfy