![]() We speculated on reasons for the downward trend in last month’s review, such as it being possibly related to a recent affiliate arrest, but interesting research published last month may also hold the clue to other answers. Known ransomware attacks by gang, August 2023 Known ransomware attacks by country, August 2023 Known ransomware attacks by industry sector, August 2023 Before this sudden increase in attacks, we had been observing an average decrease of 20 attacks a month from the group since April 2023. Lockbit, on the other hand, posted a total of a 124 victims on its leak site last month to reclaim its usual number one spot on the monthly charts. We witnessed a similar trend earlier this year when, after targeting 104 victims using a GoAnywhere MFT zero-day, CL0P’s presence almost vanished in April and May, as organizations presumably caught on and patched the vulnerability. As more organizations became aware of and patched the zero-day that CL0P discovered, CL0P's zero-day campaign saw less and less momentum, with fewer at-risk targets. ![]() This dramatic decrease isn’t too surprising given that CL0P’s vulnerability-focused approach to attacking has diminishing returns. In June, CL0p shot to the top of the charts due to their use of a zero-day exploit in MOVEit Transfer, with victims of those attacks continuing to be posted into July. ![]() Ransomware news in August was highlighted by the sudden fall of CL0P from the list of the most active gangs in any given month, while Lockbit returned to the number one spot after a steady four-month decline in activity.ĬL0P published the data of just four victims on their leak site last month, down from 91known victims in June and 170 known victims in July. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In this report, "known attacks" are those where the victim did not pay a ransom. This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |