
Check Point Research
Check Point's threat-research division; gained C2 visibility into The Gentlemen's 1,570+ victim network.
Last refreshed: 8 May 2026 · Appears in 1 active topic
Did Check Point Research notify the 1,570 Gentlemen ransomware victims it identified?
Timeline for Check Point Research
Gained visibility on 1,570 Gentlemen ransomware victims via a compromised SystemBC C2 server
Cybersecurity: Threats and Defences: KB5091157, Gentlemen C2 intel, ENISA CNAs: in briefHow did Check Point Research access The Gentlemen's victim list?
What is Check Point Research and what do they publish?
What is SystemBC malware and how does The Gentlemen use it?
Background
Check Point Research is the threat-intelligence and vulnerability research division of Check Point Software Technologies, one of the oldest publicly traded cybersecurity companies. In May 2026, Check Point Research identified and monitored a SystemBC command-and-control server operated by The Gentlemen RaaS, gaining visibility into at least 1,570 confirmed victims across the group's global operations. This single research action provided the most comprehensive public picture of The Gentlemen's reach to date.
Check Point Research publishes monthly and annual threat intelligence reports, including the widely cited Global Threat Index. Its research has led to the discovery of major malware families and state-sponsored toolkits. The division operates autonomously from Check Point's commercial product teams and publishes findings through its own blog, conference papers, and coordinated disclosures with government agencies.
The C2 monitoring technique — identifying and gaining access to a threat actor's command infrastructure — is a high-value intelligence collection method that can reveal victim lists, operational schedules, and malware configurations. That Check Point Research was able to do this against an active top-2 ransomware operation suggests either a misconfigured C2 or a deliberate law-enforcement cooperation effort, though neither was confirmed at the time of publication.