LockBit: Monster Revives with 625% Surge in May

According to a recent report by Cyfirma, in May 2024, the activity of ransomware programs significantly increased, with noticeable shifts in the operations of leading groups. The group that showed the highest surge in activity was LockBit, emerging as the top threat with 174 victims.

The manufacturing sector suffered the most, with 85 incidents, while the United States became the most targeted geography with 249 recorded attacks. Among the new cyber threats, notable groups included Arcusmedia, SpiderX, and FakePenny.

The activity of leading ransomware groups in May 2024 changed compared to April. LockBit’s activity spiked by 625%, while INC Ransom increased by 100%. The group Play saw a 10.34% rise in attacks, and RansomHub by 4.17%. Medusa, absent in April, returned with 23 incidents.

LockBit, which emerged in 2019, continues to evolve despite regular law enforcement measures. The group swiftly recovered after its infrastructure was dismantled in February, once again becoming the most active in May.

Ransomware activity also surged across various industries this May. Attacks in manufacturing rose by 28.79%, in real estate and construction by 66.67%, and in banking and finance by 105%.

Government agencies and legal services saw a 48% increase in incidents, healthcare by 71.43%. E-commerce and telecommunications experienced a 230% rise, IT by 55.56%, and transportation by 21.05%.

Education showed a 250% increase, and the hospitality industry by 17.65%. Media rose by 116.67%, while energy decreased by 33.33%, and FMCG by 4.26%.

The primary targets of attacks in May 2024 were the United States (249), United Kingdom (34), Canada (23), Spain (19), and France (18).

LockBit Black primarily spreads through the Phorpiex botnet, distributing phishing emails with infected attachments. Blackbasta uses social engineering, employing phishing calls and malicious links to gain access to systems.

SpiderX offers its services on underground forums, demonstrating advanced features and high efficiency. FakePenny, using a loader and encryptor, demands ransoms reaching $6.6 million in bitcoins. Arcusmedia, first detected in May, has already committed at least 17 incidents, primarily targeting South America.

Key events in May included an attack on the Singing River healthcare system affecting 895,204 individuals, and the sale of INC Ransom source code on hacker forums for $300,000. Attacks on Windows administrators through fake software download sites were also noted.

Reports indicate about 31% of enterprises are forced to suspend operations after ransomware attacks, and 40% have to reduce staff. In 35% of cases, there are changes in top management. The average financial damage to companies is around $200,000, with 75% of small and medium-sized enterprises facing the threat of closure.

The escalating activity of ransomware underscores the need to enhance cybersecurity measures. Investments in advanced protection technologies, employee training, incident response plan development, cyber risk insurance, and regular security audits will help mitigate risks and minimize damage.

  • Say

    Related Posts

    YouTube Explains the Disappearance of the “Skip Ad” Button
    • SaySay
    • October 23, 2024

    YouTube’s efforts to enhance monetization seem to have reached a new stage, with users reporting that the “Skip Ad” button has started disappearing from their screens. This was also confirmed…

    Continue reading
    Elon Musk Announces Starship’s First Mission to Mars
    • SaySay
    • September 9, 2024

    Elon Musk, CEO of SpaceX, has announced that the company is gearing up for its first mission to the Red Planet with its Starship spacecraft. He shared the timeline for…

    Continue reading

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Gamers Slam Dragon Age: The Veilguard on Metacritic

    • By Say
    • November 4, 2024
    • 0 views
    Gamers Slam Dragon Age: The Veilguard on Metacritic

    Acer Unveils High-Speed, Gold-Plated DDR5 Memory for PCs

    • By Say
    • November 4, 2024
    • 0 views
    Acer Unveils High-Speed, Gold-Plated DDR5 Memory for PCs

    In the wake of Kingston’s new record breaking

    • By Say
    • November 4, 2024
    • 0 views
    In the wake of Kingston’s new record breaking

    Step Aside, Google: OpenAI Launches Its Own Search Engine Powered by ChatGPT

    • By Say
    • November 1, 2024
    • 2 views
    Step Aside, Google: OpenAI Launches Its Own Search Engine Powered by ChatGPT

    WhatsApp to Introduce One of Telegram’s Most Useful Features

    • By Say
    • November 1, 2024
    • 2 views
    WhatsApp to Introduce One of Telegram’s Most Useful Features

    Welcome! Pirates Cracked Dragon Age: The Veilguard Right After Launch

    • By Say
    • November 1, 2024
    • 2 views
    Welcome! Pirates Cracked Dragon Age: The Veilguard Right After Launch