DragonForce Stopped Bothering to Encrypt. It Just Walks Out With the Energy Grid and the Pacemaker Files.
- Patrick Duggan
- 2 hours ago
- 5 min read
The interesting thing about DragonForce in 2026 is not the encryptor. It is that the encryptor has become optional. The crews wearing the brand are increasingly skipping the lock-the-files step entirely and going straight to the part that actually pays: copy the data, threaten to publish it, and pick targets where publication is unthinkable — the energy sector and the medical-device supply chain. We have been watching the same door these crews keep walking through, and the door is the story.
This is not a complaint about a new piece of malware. DragonForce did not build new malware. That is the first thing to understand about it and the thread that ties it to nearly everything we have written about the ransomware economy this year.
DragonForce surfaced as a ransomware-as-a-service operation in late 2023. By 2026 it is less a gang than a storefront — infrastructure, a leak site, an affiliate program, and a brand that other crews rent. Its operators run the textbook double-extortion play: exfiltrate first, encrypt second, then demand payment for both the decryptor and the promise — and it is only ever a promise — that the stolen files will not be published. What changed this year is the weight of the two halves. The exfiltration half is doing the work now. For a hospital network or a grid operator, the threat of publication lands harder than the threat of downtime, and the affiliates have noticed.
Where they are pointing it
Look at who DragonForce affiliates have been claiming, and the targeting is not random opportunism. It clusters in exactly the two sectors where the regulatory and human cost of a leak is highest.
DragonForce claimed AdvancedHealth, a healthcare-services provider, alleging it walked out with roughly 390 gigabytes of data — including about 2.3 million lines of patient information, partner agreements, management records, payroll, and HR files. It claimed the Australian appliance-supply firm QLS Group for some 554 gigabytes. And across the wider 2026 wave, researchers tracking the group place its exfiltration squarely inside the energy and medical-device industries — the parts of critical infrastructure where "we have your files" is not an IT problem, it is a safety, regulatory, and existential one.
There is a second layer that matters for attribution discipline, and we will state it the way the evidence supports it and no further: independent reporting describes Iranian state actors using criminal ransomware brands — DragonForce and Handala among the names cited — as proxies for extortion and disruption against energy and healthcare. We are not asserting that every DragonForce affiliate is a state proxy; the brand is rented too widely for that. We are saying the brand now sits at the exact seam where financially motivated crime and state-aligned operation become hard to tell apart from the outside — and for a defender, that ambiguity is itself the threat model.
We have been standing at this door for months
This is where our own archive earns its keep, because DragonForce did not arrive on our radar this week. It has been walking through a door we have been describing all year.
In April we published the 48-hour breach sweep that put DragonForce on a single page alongside Lapsus and TheGentlemen — three brands, one weekend, thirty-five victims. In June we wrote up the week three new ransomware brands surfaced and made the point that matters here: none of them built their own malware. They assembled capability from parts — leaked builders, rented infrastructure, supply-chain-stolen credentials. DragonForce is the mature version of that same pattern. It is not a malware author. It is an assembler with a logo.
And on the medical side, the door is the same door. We documented iRhythm's cardiac patients having their monitoring data stolen and held to ransom. We wrote about the AI vendor serving 600 hospitals that got phished in January and produced 1.4 million breach notifications in June. We wrote, back in the fall, that the medical-device companies invisible to AI search are the ones getting breached — and then spent the next eight months watching that prediction collect receipts. DragonForce pointing its affiliates at medical devices is not a new front. It is a new tenant moving into a building we already mapped.
The frame: defend the door, not the dragon
Here is the analytic move, and it is the one we keep coming back to because the data keeps rewarding it. When unrelated adversary classes — a rented criminal RaaS brand, a possible state proxy, three other crews in the same week — all converge on the same target surface, the convergence is the signal. The actor label is the least durable thing in the whole picture. The affiliate roster churns. The brand gets seized and reincarnates. The malware gets renamed. What stays constant is the door: an under-segmented hospital network, a grid operator's flat OT environment, a medical-device vendor whose data sits one stolen credential away from a leak site.
So the defensive posture does not start with "is this DragonForce or is this Iran." It starts with assuming the data is already the target — not the uptime — and asking whether exfiltration would even be noticed before the extortion email arrives. For most of the energy and healthcare orgs in the claimed-victim lists, the honest answer is no. The encryptor at least announced itself. Quiet exfiltration does not, which is precisely why the affiliates are leaning on it.
A few concrete things follow from that, in plain order. First, watch egress, not just endpoints — double-extortion that skips encryption is invisible to anything tuned only for the lock-the-files moment. Second, segment the OT and the device networks so a single foothold does not become a 390-gigabyte walk-out. Third, treat the medical-device and energy supply chain as the credential path it has repeatedly been — the way in is rarely the dramatic zero-day; it is the contractor login and the unrevoked token. Fourth, assume breach and rehearse the leak, because the threat these crews actually hold over you is publication, and the only way to blunt that is to know in advance what they could take.
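The "watch egress, not just endpoints" point above, as an added example that is not from the original post: a small detector that sums outbound bytes from internal hosts to external addresses in constructed NetFlow-style records and flags any host whose volume is far above a per-host baseline, which is the only trace an exfiltration-first run leaves when no encryptor ever fires. The flow lines, the baseline figures and the 10x alert factor are all constructed for illustration.

```python
"""Egress-volume detector over constructed flow records (added example)."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# RFC 1918 space counts as internal; everything else is treated as external.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                 ip_network("192.168.0.0/16")]

# Constructed sample flows: "timestamp,src_ip,dst_ip,bytes_out".
# 10.20.5.14 pushes ~2 GB to one external host; 10.20.7.31 is normal.
SAMPLE_FLOWS = """\
2026-05-01T01:00:00Z,10.20.5.14,10.20.9.2,120000
2026-05-01T01:05:00Z,10.20.5.14,203.0.113.40,950000000
2026-05-01T01:10:00Z,10.20.5.14,203.0.113.40,1200000000
2026-05-01T01:12:00Z,10.20.7.31,198.51.100.9,4500000
2026-05-01T01:20:00Z,10.20.7.31,10.20.9.2,900000
"""

# Constructed baseline: typical external bytes per host for a window of
# the same length (in practice learned from historical flow data).
BASELINE_BYTES = {"10.20.5.14": 50_000_000, "10.20.7.31": 20_000_000}


def is_internal(ip: str) -> bool:
    """True when the address falls inside one of the internal networks."""
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def egress_by_host(flow_text: str) -> dict:
    """Sum bytes sent by each internal source to external destinations."""
    totals = defaultdict(int)
    for line in flow_text.strip().splitlines():
        _ts, src, dst, nbytes = line.split(",")
        if is_internal(src) and not is_internal(dst):
            totals[src] += int(nbytes)
    return dict(totals)


def flag_exfil(flow_text: str, baseline: dict, factor: float = 10.0) -> list:
    """Return (host, bytes, ratio) for hosts sending >= factor x baseline.

    A host with no baseline entry is given 1 byte, so any external traffic
    from an unprofiled host is surfaced rather than silently ignored.
    """
    alerts = []
    for host, total in egress_by_host(flow_text).items():
        ratio = total / baseline.get(host, 1)
        if ratio >= factor:
            alerts.append((host, total, round(ratio, 1)))
    return alerts
```

The same aggregation works per destination as well, which is how a single leak-site staging host receiving from many internal sources shows up.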
The honest cap
We cap our confidence at 95%, and here is where the missing 5% lives. Victim claims on a leak site are claims; some are inflated, some are recycled, a few are fabricated to pad a brand's reputation. The Iran-proxy attribution is reported by credible researchers but is exactly the kind of state-or-crime call that is hard to make cleanly from outside the intrusion. And "DragonForce" in two different incidents may be two entirely different affiliates sharing a storefront. None of that changes the defensive conclusion. Whether the hand on the keyboard is a Tehran proxy or a teenager renting a panel, the door they walked through is yours, and it is the same door. Defend the door.
DugganUSA builds threat intelligence from first-hand collection and a curated, inspectable corpus of more than 24 million documents. Victim figures and attribution here are drawn from public reporting and adversary leak-site claims and are treated as claims, not confirmed facts; we cap our confidence at 95% because something is always wrong. Sources include Group-IB, Trend Micro, Darktrace, Halcyon, and Industrial Cyber reporting on DragonForce activity through mid-2026.