Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
Summary
A pro-Ukrainian hacking group known as Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025. These attacks have recently employed a custom Windows ransomware called GenieLocker, aiming to cause significant damage to Russian businesses.
IFF Assessment
FOE
This is bad news for defenders as it details a group actively launching attacks with custom malware against a specific nation's businesses.
Defender Context
Defenders should be aware of emerging threat actors like Bearlyfy and their evolving toolkits, such as the GenieLocker ransomware. Organizations operating in or with ties to Russia should be particularly vigilant against sophisticated attacks from state-sponsored or ideologically motivated groups.