"In the recently published "Threat Spotlight: Ransomware and Cyber Extortion in Q3 2025" by ReliaQuest, one particular section drew significant attention: the claim of an alleged "alliance" between three ransomware groups - LockBit, DragonForce, and Qilin. According to the report, these groups had allegedly formed a cooperative relationship, sharing software, resources, and affiliates in a coalition meant to enhance their operational reach and efficiency."
"However, this depiction lacks any verifiable basis. There are no technical indicators, digital forensics, or credible primary sources supporting the existence of shared code, infrastructure, or operational collaboration among these groups. In our view, the claim of an "alliance" is speculative and was presented without sufficient empirical verification. More concerning is how this unverified assumption rapidly spread across various media outlets, where it was often treated as established fact."
ReliaQuest reported an alleged alliance among LockBit, DragonForce, and Qilin claiming shared software, resources, and affiliates. No technical indicators, digital forensics, or credible primary sources corroborate shared code, infrastructure, or operational collaboration. ZeroFox cautioned that the rumored coalition had not materialized and urged restraint in publishing uncorroborated claims. Qilin issued a flat denial of any alliance. The allegation spread quickly across media outlets and was often treated as fact despite the absence of empirical verification. Independent forensic evidence is necessary to substantiate any claim of cooperation.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]