March 2025 Threat Trend Report on Ransomware
This report provides statistics on the number of new ransomware samples, number of targeted systems, and targeted companies collected in March 2025, as well as major Korean and international ransomware issues worth noting. Below are the summarized details.
The number of ransomware samples and number of damaged systems is based on the detection names assigned by AhnLab, and statistics on targeted companies is based on the information published on the Dedicated Leak Site (DLS) of the ransomware group, also referred to as ransomware PR sites or PR pages, collected by the ATIP infrastructure over time.
Overall Ransomware Statistics
The total number of new ransomware samples collected in the past six months is shown below.
The number of new samples collected in March increased higher than the quantity collected in February. The types of malware that made up the number of new samples in March will be examined in the report section “3. New Samples by Ransomware”.
Targeted Businesses by Ransomware Group
Below are the statistics on targeted businesses posted on the ransomware groups’ DLS collected by ATIP. As data on some ransomware groups were collected late or could not be collected by ASD, the report also refers to the table “Targeted businesses by ransomware group (external statistics)” that follows.
Some of the targeted businesses revealed per ransomware group are as follows.
