January 2026 Threat Trend Report on Ransomware
This report provides the number of affected systems confirmed during January 2026, DLS-based ransomware-related statistics, and notable ransomware issues in Korea and abroad. Below is a summary of some information. The statistics on the number of ransomware samples and affected systems were based on the diagnostic names assigned by AhnLab,
Ransom & Dark Web Issues Week 3, January 2026
ASEC Blog publishes Ransom & Dark Web Issues Week 3, January 2026 Qilin Ransomware Targets Korean Specialist in Semiconductor/Display Components & Surface Treatment U.S. DOJ: Access Broker “r1z” Pleads Guilty Qilin Ransomware Targets Vietnam’s National Airlines
December 2025 Threat Trend Report on Ransomware
This report provides the number of affected systems confirmed during December 2025, DLS-based ransomware-related statistics, and notable ransomware issues in Korea and abroad. Below is a summary of some information. The statistics on the number of ransomware samples and affected systems are based on the diagnostic names assigned by
Ransom & Dark Web Issues Week 4, November 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, November 2025 Qilin ransomware group claims attack on a Japanese company providing automotive financial services. Everest ransomware group launches data exfiltration attack against Spain’s largest airline. Access to internal systems of Saudi Arabia’s state-owned airport operator
October 2025 Threat Trend Report on Ransomware
This report provides the number of affected systems identified and statistics related to DLS-based ransomware, as well as major ransomware issues in and out of Korea in October 2025. The following is a summary of the report. The statistics on the number of ransomware samples and affected systems use
Ransom & Dark Web Issues Week 5, October 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 5, October 2025 A South Korean food manufacturing and processing company has been listed as a new victim by the ransomware group RansomHouse. The Data Extortion group Coinbase Cartel claims to have leaked the entire source
Analysis of Qilin Ransomware Using Selective Encryption Algorithm (Distributed Targeting Linux, ELF Type)
There has recently been a surge in the tendency for attacks targeting Korean asset and investment management companies. As described in this report, the ransomware encrypts files with an AES symmetric key and then encrypts that AES symmetric key with an RSA public key. This means that the possibility of
September 2025 Threat Trend Report on Ransomware
This report provides information on the number of systems affected during the month of September 2025, statistics related to the DLS-based ransomware, and key ransomware issues from around the world. Below is a summary of the report. The statistics on the number of ransomware samples and affected systems are
Ransom & Dark Web Issues Week 3, October 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, October 2025 New ransomware groups Kyber, Nasir Security, Kryptos, Tengu, and VFVCT (V For Vendetta Cyber Team) have emerged. Data from a South Korean website-building platform is being sold on the cybercrime forum DarkForums.
Ransom & Dark Web Issues Week 1, October 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 1, October 2025 Ransomware group Qilin listed nine South Korean asset management firms as new victims within a week. Ransomware group Qilin listed a South Korean engineering services company as a new victim. Ransomware group Gunra
