After the recent decline, the number of ransomware attacks is increasing again. According to NCC Group, the revival is being led by ex-ransomware as a service (RaaS) groups. With the data collected by “actively monitoring the leak sites used by each ransomware group and collecting data from victims when it is released,” the researchers determined that Lockbit was the most prolific ransomware gang, carrying out 62 attacks in July.
This is ten times more than a month Dec and twice as much as the second and third most productive groups put together. “Lockbit 3.0 maintains its position as the most menacing ransomware group that all organizations should be aware of, ” the authors write. The second and third most effective groups are Hiveleaks – 27 attacks and BlackBasta – 24 attacks.
The figures reflect rapid growth for each group – 440 percent growth for Hiveleaks since June and 50 percent growth for BlackBasta. The continuation of ransomware attacks and the emergence of these two specific groups may be closely related. June July, researchers at NCC Group counted 198 successful ransomware campaigns – a 47 percent increase from June. April March As steep as this slope is, it falls slightly short of the high-water mark set this spring, when about 300 such campaigns were carried out in March and April. Why is there such a flow?