AI News NQ Analysis

Check Point Research Publishes Findings Based on Leaked Internal Data from The Gentlemen Ransomware Group

NQ Score 85/100

AI analysis data is not yet available.

Frequently Asked Questions

Q: What ransomware group did Check Point Research investigate, and how many victims were publicly disclosed in 2026?
A: The investigation focused on The Gentlemen ransomware-as-a-service group, which had more than 400 publicly disclosed victims in 2026.
Q: Who is the administrator of The Gentlemen ransomware group, and what previous ransomware affiliation did they have?
A: The administrator, known as zeta88 or hastalamuerte, was a former affiliate of the Qilin ransomware program before launching The Gentlemen operation.
Q: Which AI coding assistants and models did The Gentlemen use to develop their ransomware, and how quickly was their management panel built?
A: They employed AI coding assistants based on Chinese models DeepSeek and Qwen, allowing the administrator to build the entire RaaS management panel in just three days.
Q: How did the compromise of The Gentlemen’s internal systems in May 2026 become linked to a hosting provider, and what is the name of that provider?
A: The internal systems were compromised in May 2026, and the breach is believed to be connected to the hosting provider 4VPS, which the group used for its infrastructure.
Q: What method did The Gentlemen use to gain initial access to victims, and how did they demonstrate a cascading compromise involving customer data?
A: Their initial access relied almost entirely on unpatched edge devices and purchased credentials, and they used stolen victim data to later attack that victim’s customers, showing a real‑world cascade of compromise.