A large cybercrime operation linked to the ransomware gang The Gentlemen has infected at least 1,570 organisations worldwide, according to new cybersecurity research. The discovery has raised fresh concerns over the growing scale of ransomware attacks targeting businesses.
Security researchers found that the infections were connected to a command-and-control server used by SystemBC, a malware tool commonly used to gain remote access to hacked systems. Once inside, attackers can move through networks, steal data and install ransomware or other malicious software.
Most of the identified victims are believed to be companies rather than individuals. The highest number of infections were reported in the United States, followed by the United Kingdom and Germany, showing that major business hubs were among the key targets.
Researchers linked the activity to an affiliate of The Gentlemen, a ransomware-as-a-service group that surfaced in 2025. Such groups provide ransomware tools to partners, who then carry out attacks in return for a share of ransom payments.
The gang has quickly gained attention for targeting multiple operating systems, including Windows, Linux, NAS storage devices and VMware ESXi servers. This allows attackers to hit a wide range of corporate environments, from office networks to data centres.
Experts say the group also uses double-extortion tactics. In these attacks, criminals first steal sensitive data before encrypting files, then demand payment to unlock systems and prevent the leaked release of stolen information.
Researchers warned that the actual number of victims could be much higher, as many organisations may not yet know they have been compromised or may choose not to report attacks publicly.
Also Read: Zen Tech jumps 11% on licence win