Pierluigi Paganini May 20, 2025

Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware.

It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege of directing.
Our mission is to analyze the main malware threats affecting systems worldwide, dissect major malicious codes, and share our findings with the international community.
This is an open project, so if you are interested, feel free to contact me and contribute to future analyses.

Our first report focuses on a very dangerous threat, the Sarcoma Ransomware.

Sarcoma Ransomware, first detected in October 2024, has rapidly become one of the most active and dangerous ransomware groups. Known for its aggressive tactics, including zero-day exploits and the use of remote monitoring tools, Sarcoma has targeted over 100 victims, mainly in the USA, Italy, Canada, and Australia. High-profile breaches, such as the 40 GB data theft from Smart Media Group Bulgaria, highlight its advanced capabilities. The gang primarily targets high-value companies across various sectors, aiming to cause maximum disruption. In light of this growing threat, the Cybersecurity Observatory of Unipegaso has launched an in-depth investigation to analyze Sarcoma’s methods and support stronger defensive strategies. Experts stress the importance of timely patching, network segmentation, and user awareness to combat such sophisticated threats.

The complete report is available here.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, malware lab)