Skip to main content

Who are the top 10 hacker groups in the world (part 1)?

2nd June 2025

If you have been hacked, knowing who did it and why can help you to prevent it from happening again.

We’ve written a lot of articles about cyber security, but we’ve rarely talked about who causes these breaches or why: they’re criminals, so we are reluctant to give them the spotlight. However, there are some large groups of hackers that have had a great impact that it may be worth knowing about, so you can better identify their methods and defend against them.

So, in no particular order, here are the biggest and most renowned cyber criminal organisations as of 2025, what their method of operations is and what they have done to make the list. We start with five, with another five to be revealed in our next blog:

RansomHub: this group work by offering ransomware tools to affiliates, providing them with Ransomware-as-a-Service (RaaS). Experts in extortion, they threaten to either keep or leak data if ransom demands aren’t met.

GoldFactory: focused on the financial industry, this group created the first iOS trojan to steal facial recognition data. Using deepfakes to bypass biometrics makes them extremely technically advanced: better hope your banking app is secure!

Lazarus Group: this group are responsible for espionage, cryptocurrency theft and sabotage, all under the state-sponsorship of North Korea. They used spear-phishing, supply chain attacks and malware to steal over $1.3 billion in crypto in 2024.

DragonForce: you may have heard of this group recently, as they were allegedly responsible for the cyber-attacks on UK retailers recently. Their attacks are often politically motivated (they seem themselves as hacktivists) and they tend to target large organisations and critical infrastructure.

OilRig: know as an Advanced Persistent Threat (APT) and based in the Middle East, OilRig have been known to target various industries, including finance, telecoms, energy and governments. Their overall goal is intelligence gathering and they use methods like phishing and malware to achieve it.

These are the first five to keep an eye out for: in our next video and blog, we bring the next five – remember to come back to get the full list.

If you would like any more information on dangerous hacker groups, or think you have been targeted by one, then please contact Interfuture Security: we can help.

Back to top