New ransomware groups account for a quarter of all leaks

No Comments
Ransomware

The world of cybercrime and ransomware never stands still, and a new report from WithSecure shows more advertised data leaks in the first nine months of this year than all of 2022.

‘New’ groups accounted for about a quarter of all the leaks, with Akira and 8base being particularly prominent sources.

A new analysis of data leaked on sites operated by these multi-point extortion ransomware operators indicates that many new groups have become active in this space during 2023. Out of the 60 multi-point extortion ransomware gangs whose activities WithSecure has tracked during the first nine months of 2023, 29 are new.

These new groups largely follow playbooks established by existing operators, but play a key role in sustaining the amount of ransomware attacks facing organizations.

WithSecure threat intelligence analyst Ziggy Davies says, "Code and other aspects of one particular cyber crime operation end up getting used elsewhere because groups and their members often recycle the same resources when they change who they work for or with. Many of the new groups we've seen this year have clear lineage in older ransomware operations. For example, Akira and several other groups share many similarities with the now-defunct Conti group, and are likely former Conti affiliates."

Among other findings, in the first three quarters of 2023, there has been a 50 percent increase in data leaks from ransomware groups compared to the same period last year. Lockbit accounted for the biggest share of the leaks (21 percent), with the five groups with the most leaks (8Base, Alphv/BlackCat, Clop, LockBit, and Play) accounting for over 50 percent of the total.

"Ransomware remains an effective moneymaker for cyber criminals, so they’ll mostly stick to the same basic playbook rather than come up anything really new or unexpected. This makes them pretty predictable, which is good for defenders because they know what they're up against," adds Davies.

You can find out more on the WithSecure blog.

Photo Credit: LeoWolfert/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

Microsoft eases its foot off the accelerator for Copilot development in Windows 11

Beyond the snapshot: Why continuous risk assessment is essential in today's threat landscape

TUXEDO Stellaris 17 (Gen6): A high-performance portable Linux workstation

New solution helps companies prepare for 90-day TLS standard

Get 'Enterprise Transformation to AI and the Metaverse' (worth $59.99) for FREE

Best Windows apps this week

All you wanted to know about passkeys but were afraid to ask

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

78 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

24 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Microsoft is actively blocking Windows 11 tweaking tools

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.