Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.
Latest posts by Esme Greene (see all)
- “Ducktail” Hackers Target Facebook - September 28, 2023
- Okta Breach: Super Admin Hack - September 24, 2023
- Rackspace: $10.8M Cloud Shift - September 23, 2023
The year 2023 has seen a seismic shift in the world of cybercrime. As per a comprehensive analysis by cybersecurity experts at Arete, ransom demands have skyrocketed, averaging at $600,000, a substantial leap from the previous year. However, there’s a silver lining: fewer victims are caving into these demands, with only 19% opting to pay up in the first half of 2023, compared to 29% in 2022’s latter half. The wane in payouts is credited partly to the rise of attacks that steal data sans encryption, reminiscent of the infamous MoveIT Transfer episode.
Fortunately, as cybercriminal tactics evolve, so do corporate defenses. Companies have increasingly been bouncing back from attacks without surrendering to ransom demands, all thanks to fortified backup systems.
But, who are the culprits behind these insidious attacks? Arete’s report introduces us to the top 5 ransomware syndicates of 2023:
- LockBit (18.7% of cases): a long-standing leader in the cyber extortion arena, they’re known for refining their encryption tools and utilizing a sprawling network of partners. Their modus operandi often involves double or triple extortion techniques, leveraging darknet leak sites and relying on initial access brokers (IABs) to expedite their cyber onslaughts.
- ALPHV / Blackcat (18.7% of cases): since its emergence in late 2021, this gang has shown impressive adaptability and innovation. They employ diverse attack vectors, including phishing, stolen credentials, and brute-force attacks. This group doesn’t discriminate, targeting both Windows and Linux platforms.
- Black Basta (12.9% of cases): a newcomer from late 2021, Black Basta revolutionizes the game by offering its ransomware tech to other hackers via a RaaS (Ransomware-as-a-Service) model. Phishing remains their preferred delivery mechanism.
- Royal (12.9% of cases): active since September 2021, Royal operates as an insular unit, shunning the RaaS model. They have a vast toolkit of malicious tactics, and are notorious for using Cobalt Strike to retain control over infiltrated systems.
- Akira (12.26% of cases): the rookies of 2023, they debuted in April. Thought to be an offshoot of the infamous Conti, Akira has swiftly built a portfolio of victims, especially in North America. Though Avast has compromised their decryption tool, they remain a formidable threat with their peculiar negotiation strategies and retro-themed leak sites.
These revelations not only illuminate the labyrinthine world of cybercrime but emphasize the dire need for heightened cybersecurity measures and awareness.