October 2025 Threat Trend Report on Ransomware
This report provides the number of affected systems identified and statistics related to DLS-based ransomware, as well as major ransomware issues in and out of Korea in October 2025. The following is a summary of the report.
The statistics on the number of ransomware samples and affected systems use the detection names set by AhnLab. The statistics on the number of affected companies by ransomware group are based on the information published on DLS (Dedicated Leak Sites, which are PR sites or pages for ransomware) and collected by ATIP at the time.
Statistics Summary
The statistics cover the following four topics. ASEC Blog only provides trend statistics on ransomware DLS and detections (last 3 years). For other statistics, please refer to the reports attached to AhnLab TIP.
- Top 10 Countries Affected by Ransomware Group (October 2025)
- Industries Affected by Ransomware Group (October 2025)
- Trend of Top 10 Ransomware Groups in the Last 3 Years
- Ransomware Detection and DLS Statistics in the Last 3 Years
Summary of Key Issues
October 2025 was a month dominated by the Inc_Ransom group and the emergence of new groups in the ransomware ecosystem. In particular, the case where the Qilin group launched a series of attacks on Japan’s largest beer companies was the most notable event.
AhnLab’s Threat Intelligence Platform (TIP) report covers the following topics: major trends of ransomware groups and ransomware damage by industry and region.
- Major Trends of Ransomware Groups (Qilin, RansomHouse, Black Shrantac, etc.)
- Damage Trends by Industry
- Damage Trends by Region
- Trends of New Threats
