Multinational Spanish-language media conglomerate Albavisión has become the latest high-profile victim of a sophisticated ransomware attack, allegedly perpetrated by the nascent “GLOBAL GROUP” ransomware-as-a-service (RaaS) operation. The Miami-based media giant is reported to have suffered a significant data breach, with attackers claiming to have exfiltrated over 400 GB of sensitive data.
The incident, which came to light on July 29th, marks Albavisión as the 29th reported victim of GLOBAL GROUP since its emergence just last month. The cybercriminal syndicate has issued an undisclosed ransom demand, giving Albavisión two weeks to comply before threatening to leak the stolen information on the dark web.
This attack underscores a worrying trend in the cybersecurity landscape, with GLOBAL GROUP increasingly targeting media companies. Italian radio station Rete Toscana Classica and Ireland’s national broadcaster, RTE, are also believed to be among the group’s growing list of victims. Cybersecurity experts warn that the media industry, with its vast amounts of intellectual property and audience data, presents an attractive target for ransomware groups seeking high-value ransoms.
Analysis of GLOBAL GROUP’s tactics reveals a highly organized and technologically advanced operation. The group, believed to be a rebranding of the “BlackLock RaaS” operation, leverages initial access brokers (IABs) to infiltrate networks, often exploiting vulnerabilities in edge appliances like Fortinet, Palo Alto, and Cisco devices. They also utilize brute-force tools for Microsoft Outlook and RDWeb portals, allowing for high-privilege initial access. Once inside, they deploy a customized variant of the Mamona ransomware, equipped with enhanced functionality for automated domain-wide installation.
Adding another layer of sophistication, GLOBAL GROUP’s ransom negotiation panel features an AI-driven chatbot system. This innovation allows non-English-speaking affiliates to engage victims more effectively, intensifying psychological pressure and facilitating seven-figure ransom demands.
The attack on Albavisión serves as a stark reminder for organizations across all sectors to bolster their cybersecurity defenses. Experts emphasize the urgent need for complete threat intelligence, robust incident response plans, and extensive cybersecurity training for all employees to mitigate the ever-evolving threat of ransomware. As cybercrime continues to evolve, businesses must prioritize proactive and adaptive security strategies to safeguard their critical assets and maintain operational integrity.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
