The Top Ransomware Threats Aren’t Who You Think

Move over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally.

While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service (RaaS) actors dominate the entire ecosystem of encryption-attack threats.

In fact, just three ransomware families, none of them household names, make up 64 percent of all threats detected, according to telemetry data collected by Bitdefender during August: WannaCryptor, Stop/DJVU and Phobos.

A report from Bitdefender out this week looked at 19.8 million malware detections collected by its telemetry to find insights about the current ransomware threat landscape. The team of analysts were able to identify a total of 250 different ransomware families, but just three dominated the field in terms of sheer attack volume.

Top Ransomware Groups

WannaCryptor accounted for a full 30 percent of threats, Stop/DJVU was behind 19 percent and Phobos trailed just behind with 15 percent.

None of these has made loads of headlines with high-profile attacks, but Phobos was listed as a top ransomware threat in a Joint Cybersecurity Advisory put out by the U.S. government

Read More: