Major Ransomware Groups Form Alliance as AI-Powered Attacks Surge

The unprecedented alliance aims to "maximize income" in what the groups describe as a "challenging" ransomware business environment ^[2]. This development coincides with a marked increase in ransomware attacks throughout the year, with threat actors increasingly leveraging both commercial and open-source tools to enhance their operations ^[3].

Recent high-profile attacks demonstrate the evolving threat landscape. Japanese beverage giant Asahi Group Holdings fell victim to a significant ransomware attack ^[4], while Salesforce took a strong stance against extortion by refusing to negotiate with or pay ransomware criminals ^[5]. The Jaguar Land Rover cyberattack has highlighted the critical importance of supply-chain resilience in cybersecurity strategies ^[6].

Security experts are particularly concerned about the role of artificial intelligence in enabling more sophisticated attacks. AI agents are becoming increasingly proficient at all phases of cyberattacks, advancing at a pace that exceeds most predictions ^[7]. This technological evolution, combined with evolving phishing tactics, has contributed to the recent surge in successful ransomware operations ^[8].

1. LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem
2. 3 more infamous cybercrime crews team up to 'maximize income' in 'challenging' ransomware biz
3. Legit tools, illicit uses: Velociraptor, Nezha turned against victims
4. Hacker group claims responsibility for Asahi Group ransomware attack
5. Take this rob and shove it! Salesforce issues stern retort to ransomware extort
6. Cybersecurity Needs A Supply Chain Perspective: JLR attack Shows Why
7. Autonomous AI Hacking and the Future of Cybersecurity
8. Ransomware Strikes Back as Global Attacks Rise in 2025