The Current Top 10 Active Ransomware Group Post Count
By Dominic Alvieri
April 23rd, 2023
Quantifying ransomware group activity over the past few years there is no doubt that LockBit is the numerical leader all credibility issues aside. LockBit averages posting over one company per day since their initial formation as ABCD. No one else comes close.
Conti members are still around but this list comprises of active groups with quantifiable active leak sites.
Posts that are somewhat quantifiable...
What is included in the numbers? Posts like the recent LockBit Dark Trace-Dark Tracer fiasco or their goofball post that was removed are not included. Neither are posts like the BlackCat NCR flash cyber incident that is still ongoing.
Up and Coming Groups
The top groups to watch gaining traction are Royal and Play Ransomware. Play will be in the top 10 within the next month if current trends continue. Royal should be in the top 5 by summer.
New groups in 2023
Several new groups have arrived and in the case of Trigona, re-arrived. Money Message sans logo or not should be near the top of the new groups to watch list. Here are a few other new groups to watch:
Money Message
Trigona Ransomware
Cipher Locker
Akira Ransomware
Cross Lock Ransomware
Dunghill Leak...
Dunghill Leak is literally named after a pile of shit. What will they think of next.
Most Dangerous Groups
In my view Alphv BlackCat Ransomware and LockBit are fairly close in the top of this category. BlackCat has the ability to pivot quickly once in a network and LockBit is always trying to improve to stay on top but they have been getting sloppy while Alphv looks like it added another producing affiliate.
Black Basta, BlackByte, Royal and Play Ransomware deserve mention here as do a few others but my time is limited.
Stay safe.
No comments:
Post a Comment