LockBit: Monster Revives with 625% Surge in May

According to a recent report by Cyfirma, in May 2024, the activity of ransomware programs significantly increased, with noticeable shifts in the operations of leading groups. The group that showed the highest surge in activity was LockBit, emerging as the top threat with 174 victims.

The manufacturing sector suffered the most, with 85 incidents, while the United States became the most targeted geography with 249 recorded attacks. Among the new cyber threats, notable groups included Arcusmedia, SpiderX, and FakePenny.

The activity of leading ransomware groups in May 2024 changed compared to April. LockBit’s activity spiked by 625%, while INC Ransom increased by 100%. The group Play saw a 10.34% rise in attacks, and RansomHub by 4.17%. Medusa, absent in April, returned with 23 incidents.

LockBit, which emerged in 2019, continues to evolve despite regular law enforcement measures. The group swiftly recovered after its infrastructure was dismantled in February, once again becoming the most active in May.

Ransomware activity also surged across various industries this May. Attacks in manufacturing rose by 28.79%, in real estate and construction by 66.67%, and in banking and finance by 105%.

Government agencies and legal services saw a 48% increase in incidents, healthcare by 71.43%. E-commerce and telecommunications experienced a 230% rise, IT by 55.56%, and transportation by 21.05%.

Education showed a 250% increase, and the hospitality industry by 17.65%. Media rose by 116.67%, while energy decreased by 33.33%, and FMCG by 4.26%.

The primary targets of attacks in May 2024 were the United States (249), United Kingdom (34), Canada (23), Spain (19), and France (18).

LockBit Black primarily spreads through the Phorpiex botnet, distributing phishing emails with infected attachments. Blackbasta uses social engineering, employing phishing calls and malicious links to gain access to systems.

SpiderX offers its services on underground forums, demonstrating advanced features and high efficiency. FakePenny, using a loader and encryptor, demands ransoms reaching $6.6 million in bitcoins. Arcusmedia, first detected in May, has already committed at least 17 incidents, primarily targeting South America.

Key events in May included an attack on the Singing River healthcare system affecting 895,204 individuals, and the sale of INC Ransom source code on hacker forums for $300,000. Attacks on Windows administrators through fake software download sites were also noted.

Reports indicate about 31% of enterprises are forced to suspend operations after ransomware attacks, and 40% have to reduce staff. In 35% of cases, there are changes in top management. The average financial damage to companies is around $200,000, with 75% of small and medium-sized enterprises facing the threat of closure.

The escalating activity of ransomware underscores the need to enhance cybersecurity measures. Investments in advanced protection technologies, employee training, incident response plan development, cyber risk insurance, and regular security audits will help mitigate risks and minimize damage.

  • Say

    Related Posts

    SpaceX Reveals Plan for “Decommissioning” the ISS
    • SaySay
    • July 21, 2024

    SpaceX has unveiled its role in deorbiting the International Space Station (ISS) by the early next decade. NASA plans to pay Elon Musk’s company up to $843 million for its…

    Continue reading
    Hydrogen Air Taxi Flies Over 800 Kilometers
    • SaySay
    • July 21, 2024

    Startup Joby Aviation has unveiled a modified version of its signature vertical takeoff and landing air taxi. The first test flight confirmed the effectiveness of the technology using hydrogen fuel.…

    Continue reading

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You Missed

    Elon Musk Reveals When the Optimus Robot Will Start Working in Factories

    • By Say
    • July 23, 2024
    • 1 views
    Elon Musk Reveals When the Optimus Robot Will Start Working in Factories

    NTT Sorority has unveiled the nwm ONE—open-back headphones with sound leakage protection.

    • By Say
    • July 23, 2024
    • 1 views
    NTT Sorority has unveiled the nwm ONE—open-back headphones with sound leakage protection.

    MAXSUN has released an affordable motherboard for AMD Ryzen 9000 processors.

    • By Say
    • July 23, 2024
    • 1 views
    MAXSUN has released an affordable motherboard for AMD Ryzen 9000 processors.

    YouTube Relic: Video of Herobrine’s First Appearance in Minecraft Found

    • By Say
    • July 22, 2024
    • 5 views
    YouTube Relic: Video of Herobrine’s First Appearance in Minecraft Found

    Samsung Patents Accordion-Style Tablet with Expandable Screen

    • By Say
    • July 22, 2024
    • 4 views
    Samsung Patents Accordion-Style Tablet with Expandable Screen

    The End: Showrunners of The Witcher Series Conclude Plot for Fifth Season

    • By Say
    • July 22, 2024
    • 4 views
    The End: Showrunners of The Witcher Series Conclude Plot for Fifth Season