HomeMalware & ThreatsExtortionists Frustrated by Declining Ransomware Activity

Extortionists Frustrated by Declining Ransomware Activity

Published on

spot_img

Cybersecurity Incidents Roundup: Dwindling Ransom Payments and Rising Scams

In a comprehensive weekly roundup of cybercrime incidents, the cybersecurity landscape remains tumultuous as ransomware victims are reported to be paying significantly less to cybercriminals, prompting a shift in strategies among attackers. This summary also highlights the United States’ recent sanctions against cybercrime facilitators, the emergence of scams targeting Celine Dion concert tickets, and notable data breaches, including a significant settlement involving the genetic testing company 23andMe.

Ransomware Victims Pay Less Yet Costs to Recover Surge

Victims of ransomware attacks are demonstrating a marked reluctance to pay high ransoms, which has led cybercriminal groups to innovate new methods of extortion. Reports from the cybersecurity firm ReliaQuest indicate that leading ransomware organizations, including the Deadlock and Gentlemen groups, have begun using advanced evasion techniques to enhance their operations. The latter has notably begun utilizing artificial intelligence to streamline the efficacy of their tools and recruit proficient affiliates into their illicit activities.

The analysis revealed that The Gentlemen group recorded the highest number of non-paying victims in the second quarter of 2026. While ReliaQuest identified 2,252 victims within this timeframe—an increase of 51% from the previous year—the shifting landscape indicates that cyber defenders should concentrate on attackers’ behaviors rather than merely categorizing the most active groups. Interestingly, as ransom payments decrease—with the median payment sliding to $698,000—companies still face an overwhelming average recovery cost of $1.7 million per successful attack.

Recent insights from Sophos suggest a varied willingness to pay within different sectors, with local and state governments topping the list at 72%, in contrast to only 32% in the retail space. Moreover, last year’s statistics showed a slight uptick in successful encryptions, marking a tense backdrop for victims who face increasing pressure as they navigate this perilous cyber environment.

U.S. Sanctions Against Cybercrime Enablers

In a decisive move against cybercrime, the U.S. Department of the Treasury has placed sanctions on two individuals alleged to facilitate ransomware activities. Dmytro Rashevskyi, an administrator of a VPN service known as First VPN Service, has been directly implicated for enabling ransomware groups to obfuscate their attacks and manage stolen data. Alongside him, Belarusian national Yegeniy Silayev has been accused of distributing cryptors that enable malware to evade detection.

This multinational operation, which dismantled the VPN service in May 2026, has been hailed as a significant victory in the ongoing battle against cybercrime, particularly as it has been suggested that actors leveraging these services have collectively caused billions in losses across various industries. U.S. officials emphasized that addressing such facilitators is paramount to combating the far-reaching impacts of ransomware and cyber extortion.

Dangerous Scams Target Celine Dion Fans

Amid increasing criminal activities, a new wave of scams has emerged, notably targeting fans eager for Celine Dion’s concerts in Paris. Cybercriminals have devised a sophisticated ticket fraud scheme that combines social media manipulation and counterfeit ticketing websites, undermining the anticipated excitement over the concerts. Fraudsters infiltrated Facebook groups dedicated to Dion’s fans and posed as legitimate sellers, often convincing victims to make direct bank transfers.

Researchers from Group-IB discovered that the scammers replicated numerous legitimate ticketing platforms, crafting over 20 fraudulent websites that resembled Ticketmaster and other authorized sellers. The statistics are alarming, as victims have been duped into purchasing tickets that were sold multiple times. As a preventive measure, experts advise consumers to purchase tickets only through validated sources and to remain wary of direct bank transactions with non-official sellers.

23andMe to Settle After Data Breach

Genetic testing firm 23andMe, which has recently rebranded itself under the name Chrome Holding, has agreed to pay $18 million to settle claims from 43 U.S. state attorneys general due to security shortcomings tied to a data breach in 2023. This breach compromised sensitive information of approximately 7 million individuals. As part of the settlement, identified funds are intended for distribution among affected states, highlighting the pressing need for robust security measures in the digital realm.

The settlement stems from allegations that 23andMe neglected to implement necessary security protocols, leading to prolonged exposure of sensitive data before the company reacted to enforce mandatory changes or inform affected consumers. A separate legal ruling has complicated the situation further, adding a layer of complexity to the ongoing legal proceedings and possibly limiting future claims against the firm.

Increased Concerns Over Cyber Espionage and New Malware Developments

In related cyber threats, advanced espionage techniques have also come to light, as researchers unveiled a new Chinese-linked rootkit malware known as Daxin. This formidable backdoor has reportedly been stealthily infiltrating systems in Taiwan for 13 years, showcasing the long-term threat that state-sponsored cyber activities present.

Moreover, shortly after gaining initial access, cybercriminals exploited vulnerabilities within a South Asian IT firm to deploy a ransomware variant, Spirals, underscoring how quickly attackers can transition from breach to extortion.

These developments serve as a clarion call for organizations worldwide to bolster their cybersecurity infrastructure, as the nature of cybercrime continues to evolve and challenges persist across sectors.

Source link

Latest articles

Zoom addresses account takeover vulnerability

Zoom Tackles Security Vulnerabilities in Key Software Products Zoom Video Communications recently addressed serious security...

Your VPN Has Become an Attackers’ Front Door

Rethinking VPNs in Today’s Cybersecurity Landscape In the rapidly evolving world of cybersecurity, organizations are...

Two Young Hackers Sentenced for Disrupting London Underground

Police Declare Success After Arrests "Effectively Halted" Scattered Spider Cybercrime Collective In a significant development...

Inside Microsoft’s Record-Breaking Release of 622 Bugs

Microsoft's Record-Breaking Security Update Addresses Urgent Vulnerabilities On July 14, 2026, Microsoft announced an unprecedented...

More like this

Zoom addresses account takeover vulnerability

Zoom Tackles Security Vulnerabilities in Key Software Products Zoom Video Communications recently addressed serious security...

Your VPN Has Become an Attackers’ Front Door

Rethinking VPNs in Today’s Cybersecurity Landscape In the rapidly evolving world of cybersecurity, organizations are...

Two Young Hackers Sentenced for Disrupting London Underground

Police Declare Success After Arrests "Effectively Halted" Scattered Spider Cybercrime Collective In a significant development...