"All Change at the Top as New Ransomware Groups Emerge"

Researchers at Intel 471 have found that the Ransomware as a Service (RaaS) landscape underwent another major shift in the third quarter as new variants emerged to become the dominant players in the ecosystem.  The researchers stated that 60% of the attacks they tracked during the period were tied back to four variants: LockBit 2.0, Conti, BlackMatter, and Hive.  Of these, LockBit 2.0 was the most prolific, accounting for a third (33%) of observed attacks, followed by Conti (15%), BlackMatter (7%), and Hive (6%).  The researchers stated that due to law enforcement, infighting amongst groups, or people abandoning variants altogether, the RaaS groups dominating the ecosystem at this point in time are completely different than just a few months ago.  Even with the shift in variants, the researchers noted that ransomware incidents as a whole are still on the rise.  From July to September 2021, the researchers observed 612 ransomware attacks that can be attributed to 35 different ransomware variants.  Among those attacks, several lesser-known variants have supplanted prominent ones that rose in notoriety over the first half of 2021.  LockBit 2.0’s rise has been particularly notable, as it was only discovered in June 2021 following the disappearance of LockBit late last year.  

Infosecurity reports: "All Change at the Top as New Ransomware Groups Emerge"