CyberNetsecIOMay 28

📰 'The Gentlemen' Ransomware Group Emerges as a Top-Tier Threat with Advanced TTPs

Threat Actor Spotlight: 'The Gentlemen' ransomware group has exploded onto the scene, now a top-tier RaaS operation. Using advanced malware and the SystemBC RAT, they've hit over 320 victims in 2026. 🎩 #Ransomware #TheGentlemen #SystemBC

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/the-gentlemen-ransomware-groups-rapid-rise-and-sophistication/?utm_source=mastodon&ut…

(in)sicurezza digitaleMay 16

The Gentlemen smascherati: quando il secondo gruppo ransomware al mondo diventa la vittima

Il backend del gruppo ransomware-as-a-service The Gentlemen è stato violato e i dati interni pubblicati. Check Point Research ha analizzato il leak, rivelando struttura organizzativa, identità dell'amministratore, tattiche di negoziazione e l'arsenale tecnico di uno dei gruppi criminali più attivi del 2026.

https://insicurezzadigitale.com/the-gentlemen-smascherati-quando-il-secondo-gruppo-ransomware-al-mondo-diventa-la-vittima/

The New OilApr 22

The #Gentlemen #ransomware now uses #SystemBC for bot-powered attacks

https://www.bleepingcomputer.com/news/security/the-gentlemen-ransomware-now-uses-systembc-for-bot-powered-attacks/

#cybersecurity

The Gentlemen ransomware now uses SystemBC for bot-powered attacks

A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate.

BleepingComputer
The Threat CodexApr 21
DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
#TheGentlemen #SystemBC
https://research.checkpoint.com/2026/dfir-report-the-gentlemen/
DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy - Check Point Research

Key Points The Gentlemen RaaS The Gentlemen ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators advertise their services across multiple underground forums, promoting their ransomware platform and inviting penetration testers (and other technically skilled actors) to join as affiliates. The RaaS provides affiliates with multi‑OS lockers for Windows, Linux, […]

Check Point Research
CyberNetsecIOApr 21

📰 Gentlemen RaaS Expands with SystemBC Botnet for Covert Attacks

Gentlemen RaaS is upgrading its toolkit, using the SystemBC botnet for covert SOCKS5 proxying. The combo enables stealthy C2 and payload delivery for attacks on Windows, Linux, and ESXi. 💣 #Ransomware #SystemBC #Gentlemen #CyberSecurity

🔗 https://cyber.netsecops.io/articles/gentlemen-raas-leverages-systembc-botnet-for-widespread-attacks/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

Gentlemen RaaS Expands with SystemBC Botnet for Covert Attacks

The Gentlemen ransomware-as-a-service (RaaS) operation has been linked to the SystemBC proxy malware botnet, enabling affiliates to conduct more stealthy and resilient attacks.

CyberNetSec.io
Analyst207Apr 21

Gentlemen Ransomware Spreads Rapidly Through Affiliate Network

Gentlemen Ransomware is spreading rapidly through its affiliate network, fueling a surge in multi-platform attacks and infections linked to the malicious tool SystemBC. This ransomware-as-a-service operation is making it alarmingly easy for cybercriminals to join the fray and wreak havoc.

https://osintsights.com/gentlemen-ransomware-spreads-rapidly-through-affiliate-network?utm_source=mastodon&utm_medium=social

#Ransomware #GentlemenRansomware #Ransomwareasaservice #AffiliateNetwork #Systembc

Gentlemen Ransomware Spreads Rapidly Through Affiliate Network

Learn how Gentlemen ransomware spreads rapidly through its affiliate network and what it means for cybersecurity, read the latest infosec updates now and stay protected.

OSINTSights
Analyst207Apr 20

Gentlemen Ransomware Gang Taps SystemBC for Botnet Attacks

Imagine your business's infrastructure being hijacked and turned into a fleet of malicious proxies - it's a harsh reality that's now hitting home for over 1,570 corporate victims who've fallen prey to the Gentlemen ransomware gang's SystemBC botnet attacks. Their compromised systems are being used to run proxy services for…

https://osintsights.com/gentlemen-ransomware-gang-taps-systembc-for-botnet-attacks?utm_source=mastodon&utm_medium=social

#GentlemenRansomware #Systembc #BotnetAttacks #RansomwareOperations #MalwareOperations

Gentlemen Ransomware Gang Taps SystemBC for Botnet Attacks

Learn how Gentlemen ransomware gang uses SystemBC for botnet attacks and defend your business from malicious proxies, discover effective security measures now.

OSINTSights
The Threat CodexMar 26
Operation Storming Tide: A massive multi-stage intrusion campaign
#Mora_001 #Matanbuchus #SystemBC
https://fortgale.com/blog/defence/operation-storming-tide/
Operation Storming Tide: A massive multi-stage intrusion campaign

In February 2026, the Fortgale Incident Response team investigated a multi-stage intrusion attributed to Mora_001, a Russian-origin threat actor exploiting Fortinet vulnerabilities. The campaign, internally dubbed "FortiSync Quasar," revealed an evolution from ransomware operations to strategic espionage, deploying Matanbuchus 3.0, Astarion RAT, and SystemBC. Rapid containment prevented any data exfiltration.

Fortgale Blog
The Threat CodexFeb 5
Silent Push Identifies More Than 10,000 Infected IPs as Part of SystemBC Botnet Malware Family
#SystemBC
https://www.silentpush.com/blog/systembc/
Silent Push Identifies More Than 10,000 Infected IPs as Part of SystemBC Botnet Malware Family

Silent Push Preemptive Cyber Defense Analysts identified more than 10,000 unique infected IP addresses associated with the SystemBC botnet.

Silent Push
TechNaduFeb 4

SystemBC infections now exceed 10,000 IPs globally, including systems linked to government hosting.

Silent Push also uncovered a stealthy Linux-targeting Perl variant with zero AV detections.

https://www.technadu.com/systembc-infections-exceed-10000-including-systems-linked-to-government-hosting/619549/

Thoughts?
#ThreatIntel #Malware #SystemBC #Ransomware