Threat Trend Report on Ransomware – Ransomware Statistics and Major Issues in August 2024

Threat Trend Report on Ransomware – Ransomware Statistics and Major Issues in August 2024

This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in August 2024, as well as notable ransomware issues in Korea and other countries. 

Disclaimer: The number of ransomware samples and targeted systems are based on the detection names designated by AhnLab, and the statistics on targeted businesses are based on the time the information on the ransomware group’s Dedicated Leak Sites (DLS, identical to ransomware PR sites or PR pages) was collected by the ATIP infrastructure.

 

[Table of Contents]

 

  • Purpose and Scope
  • Major Statistics
    • Data Sources and Collection Methods
    • Overall Ransomware Statistics
    • New Samples by Ransomware
    • Targeted Systems by Ransomware
    • Targeted Companies by Ransomware Group
    • Targeted Businesses by Ransomware Group (External Statistics)
  • Key Trends
    • Lost in the Fog: FOG Ransomware
    • Hunters International Now Using RAT Malware
    • Others
  • Conclusion
  • Indicators of Compromise (IoCs)
    • File Hashes (MD5s)
  • References

 

 

[Overall Ransomware Statistics]

 

The total number of new ransomware samples collected during the past 6 months is as follows.


The number of new samples had been decreasing since May, but this trend was reversed in August. The change is due to the increase in the number of MedusaLocker ransomware, with 400 more found compared to July. As for the malware strains comprising the August new samples, more details are provided in the section 3. New Samples by Ransomware.

[Targeted Companies by Ransomware Group]

 

Below are the statistics on targeted businesses posted on the ransomware groups’ DLS collected by ATIP. As data on some ransomware groups were collected late or could not be collected by ASD, the report also refers to the table “Targeted businesses by ransomware group (external statistics)” that follows.

 


Some of the targeted businesses revealed per ransomware group are as follows. 


 

MD5

0bed99958c995a725fc05319da6a913d
207eb94890acf5e4faee9fe85400b749
25a14b8104eb50d56c46df79b0df37bf
486a6be3bdc4c4a383c9ea61ff0e0432
59f2c032c2e3fb155ca26c16863dbe1e