Threat Trend Report on Ransomware – Ransomware Statistics and Major Issues in July 2024

Threat Trend Report  on Ransomware – Ransomware Statistics and Major Issues in July 2024

This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in July 2024, as well as notable ransomware issues in Korea and other countries. 

Disclaimer: The number of ransomware samples and targeted systems are based on the detection names designated by AhnLab, and the statistics on targeted businesses are based on the time the information on the ransomware group’s Dedicated Leak Sites (DLS, identical to ransomware PR sites or PR pages) was collected by the ATIP infrastructure.

 

[Table of Contents]

 

  • Purpose and Scope
  • Major Statistics
    • Data Sources and Collection Methods
    • Overall Ransomware Statistics
    • New Samples by Ransomware
    • Targeted Systems by Ransomware
    • Targeted Companies by Ransomware Group
    • Targeted Businesses by Ransomware Group (External Statistics)
  • Key Trends
    • Brain Cipher Gang’s Grand Entrance
    • Cactus Ransomware Re-emerges
    • Others
  • Conclusion
  • Indicators of Compromise (IoCs)
    • File Hashes (MD5s)
  • References

 

 

[Overall Ransomware Statistics]

 

The total number of new ransomware samples collected during the past 6 months is as follows.


 

The same trend of decrease in the number of new samples was seen in July as well. This is due to the significant decrease in GandCrab ransomware (file developed in the past), which ranked 1st place in June. As for malware strains that comprise the new samples in July, refer to “3. New Samples by Ransomware.”

 

[Targeted Companies by Ransomware Group]

 

Below are the statistics on targeted businesses posted on the ransomware groups’ DLS collected by ATIP. As data on some ransomware groups were collected late or could not be collected by ASD, the report also refers to the table “Targeted businesses by ransomware group (external statistics)” that follows. 


Some of the targeted businesses revealed per ransomware group are as follows.


MD5

05b894d239c93cdebc42e348776601da
214d097d63c0aa20ae2a833518c583a1
39fe99d2250954a0d5ed0e9ff9c41d81
42bce02c8f6d561f02856a367272b835
86c259c19ea34e900804129ff77cc4d1