All Change at the Top as New Ransomware Groups Emerge
The Ransomware as a Service (RaaS) landscape underwent another major shift in the third quarter as new variants emerged to become the dominant players in the ecosystem, according to Intel 471.
In a new update, the threat intelligence company explained that 60% of the attacks it tracked during the period were tied back to four variants: LockBit 2.0, Conti, BlackMatter and Hive.
Of these, LockBit 2.0 was the most prolific, accounting for a third (33%) of observed attacks, followed by Conti (15%), BlackMatter (7%) and Hive (6%).
“Be it due to law enforcement, infighting amongst groups or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago,” said Intel 471.
“Yet, even with the shift in variants, ransomware incidents as a whole are still on the rise. From July to September 2021, Intel 471 observed 612 ransomware attacks that can be attributed to 35 different ransomware variants. Among those attacks, several lesser-known variants have supplanted prominent ones that rose in notoriety over the first half of 2021.”
LockBit 2.0’s rise has been particularly notable, as it was only