Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
Overview
A pro-Ukrainian hacking group known as Bearlyfy has carried out over 70 cyber attacks against Russian companies since January 2025. Their recent campaigns have utilized a custom ransomware known as GenieLocker, which targets Windows systems. This group aims to disrupt operations in Russian businesses, indicating a strategic move in the ongoing conflict between Ukraine and Russia. The use of ransomware adds a financial pressure point, potentially crippling affected organizations. As these attacks continue, it raises concerns about the security of critical infrastructure and business operations in the region.
Key Takeaways
- Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
- Affected Systems: Russian companies, Windows systems, GenieLocker ransomware
- Timeline: Ongoing since January 2025
Original Article Summary
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian businesses;
Impact
Russian companies, Windows systems, GenieLocker ransomware
Exploitation Status
This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.
Timeline
Ongoing since January 2025
Remediation
Not specified
Additional Information
This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.
Related Topics: This incident relates to Windows, Ransomware, Microsoft, and 1 more.