Ransomware Attacks Are on the Rise, Posing Threat to Legal Ops

The month of July saw one of the highest numbers of ransomware attacks in 2023. At 441, it was second only to a record-breaking 556 attacks in May, according to a post from MalwarebytesLabs. Ransomeware gangs raked in about $449 million over a six-month period, according to research from Chainanalysis published in July. The driving force, says Chainanalysis, is the practice of targeting large, financially well-off corporations in order to secure the biggest possible payouts.

The most active ransomware gang today is Cl0p, due to their use of a zero-day exploit in MOVEit Transfer. The gang published the data of an additional 170 victims in July. But Cl0p has apparently not deployed ransomware at all. Instead, the group has focused on stealing company data and later using it as leverage against victims.

Last month ALPHV offered a new API as a conduit for data dissemination, helping other cybercriminals instantly access and distribute stolen information on the dark web.

CACTUS, discussed in this post, has emerged as a fresh strain of ransomware. The uniqueness of CACTUS lies in its use of specialized scripts that automate the release and activation of the ransomware through scheduled tasks.

CYCLOPS which has announced a shift in branding to “Knight,” deploys ransomware that is capable of compromising Windows, Linux and macOS systems. It stands out with its intricate encryption methodology and comes equipped with a distinct stealer component designed to extract and transfer sensitive information.