June 2025 Threat Trend Report on Ransomware
This report provides statistics on the number of new ransomware samples and affected systems, and affected companies that were collected in June 2025, as well as major ransomware issues in and out of Korea. Below is a summary of the information.
The statistics on the number of ransomware samples and affected systems were based on the detection names given by AhnLab. Additionally, the statistics on affected companies by ransomware were based on the time when the information was collected from the Dedicated Leak Sites (DLS) of the ransomware group, which are PR sites or pages for ransomware, in the ATIP infrastructure.
[Summary of Statistics]
The following is the total number of ransomware samples collected in the past 6 months.
The number of new samples collected in June showed a relatively increasing trend compared to May. The types of malware that make up the number of new samples in June will be examined in section 3.
[Companies Damaged by Ransomware Group]
* The blurred information in the figure below shows the information of the ransomware group that launched the attack and the affected companies posted on DLS. For more information, please refer to the report uploaded on ATIP.
The following is a statistic of affected companies posted on DLS by ransomware groups collected by ATIP. There are ransomware groups for which the data was collected late or not collected at all, so please refer to the “Affected Companies by Ransomware Group (External Statistic)” below.
Below is a list of some of the affected companies that have been publicly disclosed by each ransomware group.
