OldGremlin Ransomware Group Targets Russian Industrial Firms in 2025 Campaign

Researchers at Kaspersky Lab have reported a new wave of ransomware attacks by the OldGremlin group targeting Russian companies during the first half of 2025. Eight large enterprises, primarily in the industrial sector, were affected by these malicious activities. OldGremlin is known for its sophisticated tactics, often involving phishing emails and exploiting software vulnerabilities to gain initial access. The focus on industrial companies underscores the potential for significant operational disruptions and financial losses. This campaign highlights the evolving tactics of ransomware groups and the need for robust cybersecurity measures, including regular backups, employee training, network segmentation, and patch management. The targeting of Russian companies by OldGremlin is notable, suggesting either a lack of concern for local law enforcement or specific motives against these organizations. Industrial companies should be particularly vigilant, as attacks on critical infrastructure can have broader implications for national security and public safety. Collaboration with cybersecurity firms and sharing threat intelligence can help organizations stay ahead of emerging threats. The continued activity of OldGremlin underscores the importance of proactive cybersecurity strategies to mitigate the impact of ransomware attacks.