After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance.
In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in November.
This represents a 39.08% increase from October and a 110.43% increase compared with November 2022.
This is the eleventh month in a row with a year-on-year increase in ransomware victims and the ninth in a row with victim counts above 300.
This is also the third time such a record has been broken this year.
While the previous two records in 2023 were primarily attributed to Clop's MOVEit supply chain attack, this was not the case in November.
According to Corvus' data, the November peak was partly due to a resurgence in LockBit's activity.
November was LockBit's third-highest month of 2023 in terms of listed victims after a quieter Fall.
Based on historical seasonal data, the Corvus Threat Intel team predicted that the number of ransomware leak site victims listed in December will be higher than in December 2022 but likely won't match November's numbers.
Finally, Corvus observed that although the take-down of malware loader QakBot by law enforcement in August impacted ransomware groups.
The fact that cybersecurity firms are now observing a return of QakBot could potentially impact Corvus' predictions for the near future.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 25 Dec 2023 14:00:30 +0000