"Clop Drives Record Ransomware Activity in June"

According to researchers at NCC Group, ransomware attacks in June soared 221% year-on-year to hit a record 434 for the month.  The researchers claimed that the figures were driven by Clop’s targeting of global organizations via the MOVEit flaw, “consistently high levels” of activity by groups such as Lockbit 3.0, and the appearance of new groups since May.  The researchers noted that Clop was responsible for a fifth (21%) of activity last month after it exploited SQL injection zero-day vulnerability CVE-2023-34362 in the popular managed file transfer software MOVEit.  LockBit 3.0 accounted for 14% of ransomware attacks in the period, down 21% from the previous month.  However, the group is still the most prolific of 2023 so far.  The researchers stated that June also saw 8base, a new group first discovered in May, ramp up activity quickly.  It was responsible for 40 attacks, 9% of the total recorded by the researchers.  Two other groups spotted for the first time in May, Rhysida, and Darkrace, contributed 17 and nine attacks, respectively.  The researchers stated that, unsurprisingly, North America once again contributed the most victims (51%), followed by Europe (27%) and Asia (9%).  The most targeted sector in June was “industrials,” which accounted for a third of victims, followed by “consumer cyclicals” (12%) and technology (11%).  

Infosecurity reports: "Clop Drives Record Ransomware Activity in June"