HomeRisk ManagementsLockBit is the Dominant Player in the Rising Ransomware Scene

LockBit is the Dominant Player in the Rising Ransomware Scene

Published on

spot_img

The XDR security provider ReliaQuest recently released a report on ransomware trends in the last quarter of 2023, revealing a surge in ransomware activity driven by the hyper-active LockBit group. According to the report, ransomware activity increased by 80% between October and December 2023 compared to the same period in 2022. During this time, a total of 1262 victims from various industries were listed on data leak sites, including manufacturing, construction, professional, scientific, and technical services.

The report highlighted LockBit as the most active threat group, claiming 275 victims on data leak sites in the last quarter of 2023. This number far exceeded the victims claimed by the second most active group, Play, and others such as ALPHV/BlackCat, NoEscape, and 8Base. This dominance by LockBit was consistent with previous trends, as the group had been the most active throughout 2023. LockBitSupp, the public representative of LockBit, had been observed trying to recruit members from other ransomware groups whose activities had been disrupted by law enforcement operations, such as NoEscape and ALPHV.

The report also noted an increase in activity by the NoEscape and Play ransomware groups during the last quarter of 2023, with November experiencing a significant uptick in ransomware victim claims, reaching 484 for that month alone. ReliaQuest attributed this spike to the increased exploitation of the Citrix Bleed vulnerability primarily by LockBit affiliates. Additionally, November brought new aggressive extortion tactics by the ransomware group ALPHV, involving the US Securities and Exchange Commission (SEC) to pressure their targets.

However, the MOVEit campaign seemed to have cooled down, with the Clop group naming 95.3% fewer victims in Q4 2023 than in the previous quarter. Despite this, ReliaQuest expects the rise in ransomware claims to continue into 2024, and the firm shared predictions regarding the tactics of some of the most active ransomware groups. These predictions included expectations of LockBit continuing to exploit vulnerabilities in NetScaler, Clop making a comeback in 2024, and NoEscape eventually resuming its activity under another name.

ReliaQuest’s report shed light on the growing threat of ransomware and the tactics employed by various ransomware groups to target organizations across different industries. As the ransomware landscape continues to evolve, organizations will need to remain vigilant and implement robust cybersecurity measures to protect against increasingly sophisticated attacks.

Source link

Latest articles

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...

Hackers Compromise IIS Server and Launch Ransomware Attack Within 24 Hours

--- In June 2026, cybersecurity experts uncovered a coordinated and sophisticated cyber intrusion that began...

Women’s Care and Pulmonary Sleep Breaches

In a concerning trend for healthcare security, two healthcare providers have publicly revealed data...

Citrix Secure Access Client Vulnerability Allows Low-Privileged Windows Users to Attain SYSTEM Privileges

Cloud Software Group has recently alerted users to significant vulnerabilities affecting both the Citrix...

More like this

Scammers Exploit FaceTime for Social Engineering Tactics

Apple Warns Users About Social Engineering Scams Targeting FaceTime Apple Inc. has made a significant...

Hackers Compromise IIS Server and Launch Ransomware Attack Within 24 Hours

--- In June 2026, cybersecurity experts uncovered a coordinated and sophisticated cyber intrusion that began...

Women’s Care and Pulmonary Sleep Breaches

In a concerning trend for healthcare security, two healthcare providers have publicly revealed data...