A newly identified ransomware variant, DEVMAN, has emerged from the DragonForce codebase, introducing distinct traits and operational quirks. It is primarily active in Asia and Africa and operates a dedicated leak site known as Devman’s Place. Although its operators assert independence, notable code similarities and infrastructure reuse indicate persistent connections within the fragmented Ransomware-as-a-Service landscape.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox