Download the report
Our mid-year ransomware report provides an update on the most prolific ransomware groups on the dark web, and the emerging threat of new ransomware groups looking to make their mark on the landscape.
The dark web is a constantly shifting place, particularly when it comes to ransomware groups. What seems stable one moment can quickly change as groups fight for dominance, vanish without a trace, and reemerge under new identities.
In response, we’re releasing this mid-year update to ensure your organization stays informed of the latest trends.
This report highlights some of the most critical developments, including the surprising shutdown of one of the largest ransomware groups, and the emergence of new gangs. Additionally, we cover details of ransomware attacks that have targeted organizations in the first half of 2024.
Key findings from the report include:
- The “league table” of the five most prolific ransomware groups of H1 – Including who exited their positions, new joiners, and the impact of law enforcement action on the ranking.
- Profiles of the most prolific ransomware groups – Learn about LockBit, Play, RansomHub, BlackBasta, and 8Base.
- The rise of the new players in the ransomware landscape – Get to know three noteworthy groups (DarkVault, APT73, and Quilong) who established their dark web leaks sites this year and look to be emerging as major threats.
- Noteworthy trends that emerged from H1 2024 – Including the “diversification” of the ransomware landscape and the continued dominance of Ransomware-as-a-Service.
- How organizations can use dark web intelligence against ransomware groups – Using ransomware group’s reliance on dark web forums and leak sites against them.