International media conglomerate Albavisión is reeling from a significant cyberattack after the ransomware gang GLOBAL GROUP claimed responsibility for exfiltrating approximately 400GB of sensitive internal data.
Details of the Breach
GLOBAL GROUP, a ransomware collective that has rapidly risen to notoriety since its emergence in June 2025, alleged that it successfully penetrated Albavisión’s network, obtaining a trove of internal documents, corporate communications, and confidential business information. The group is leveraging a double-extortion approach: not only did attackers encrypt Albavisión’s data, but they are also threatening to release or sell the stolen information should the company refuse to pay a ransom.
While specifics regarding the breach vector remain undisclosed, cybersecurity experts note that GLOBAL GROUP frequently exploits access acquired from Initial Access Brokers (IABs) and brute-forces credentials for commonly exposed services such as VPNs and Outlook Web Access. These tactics enable the gang to deploy ransomware quickly and siphon large volumes of data before detection.
Profile of a New Ransomware Powerhouse
Since its appearance on the cybercrime scene, GLOBAL GROUP has established itself as a potent Ransomware-as-a-Service (RaaS) operation. The group is believed to have evolved from or is affiliated with previous notorious ransomware outfits such as Black Lock and Mamona, based on technical similarities and the use of overlapping infrastructure by Russian-speaking actors.
GLOBAL GROUP distinguishes itself by deploying custom ransomware written in the Go programming language, facilitating cross-platform attacks on Windows, Linux, and macOS systems. Their extortion strategy is further enhanced by the use of advanced features, including AI-driven negotiation panels that are designed to psychologically pressure victims during ransom discussions.
The group actively recruits affiliate partners, offering an unusually high 85% revenue share and providing mobile-friendly ransom negotiation platforms—measures aimed at expanding their reach and increasing operational effectiveness.
