Double Extortion Ransomware Victims Soar 935%
Researchers have recorded a 935% year-on-year increase in double extortion attacks, with data from over 2300 companies posted onto ransomware extortion sites.
Group-IB’s Hi-Tech Crime Trends 2021/2022 report covers the period from the second half of 2020 to the first half of 2021.
During that time, an “unholy alliance” of initial access brokers and ransomware-as-a-service (RaaS) affiliate programs has led to a surge in breaches, it claimed.
In total, the number of breach victims on ransomware data leak sites surged from 229 in the previous reporting period to 2371, Group-IB noted. During the same period, the number of leak sites more than doubled to 28, and the number of RaaS affiliates increased 19%, with 21 new groups discovered.
Group-IB warned that, even if victim organizations pay the ransom, their data often end up on these sites.
Conti was said to be the most aggressive ransomware group, leaking data on 361 victims (16.5%), followed by Lockbit (251), Avaddon (164), REvil (155) and Pysa (118).
The initial access broker landscape has also matured significantly over the past year. Group-IB claimed to have discovered 229 new players in the market, with the total now standing at 262. The number of