[SoM] 2021 Oct | EN | Story of the Month: Ransomware on the Darkweb

Hotsauce | S2W TALON

SoM (Story of the Month) publishes a report summarizing ransomware’s activity on the Darkweb. The report includes summary of victimized firms, Top 5 targeted countries and industrial sectors, status of dark web forum posts by ransomware operators, etc.

1. 2021 October Monthly Status

• A total of 337 victim companies were mentioned on ransomware leak sites based on 18 attack groups that had been updated in October 2021.
• HQ of ransomware victim companies is the highest in the United States, accounting for 41.8% of the total victimized companies
• Among all ransomware attack groups, LockBit accounted for 40.4% of the activity, showing the highest activity

1.1. TOP 5 targeted countries

1. United States — 41.8%
2. United Kingdom — 5.6%
3. Canada — 5.3%
4. France & Germany — 4.7%
5. Italy — 3.6%

1.2. TOP 5 targeted industrial sectors

1. Service — 8.6%
2. Construction — 7.7%
3. IT — 6.8%
4. Law — 5.6%
5. Food — 5.0%

1.3. TOP 5 Ransomware

1. LockBit — 40.4%
2. Conti — 16.3%
3. Spook — 10.1%
4. Midas — 8.9%
5. CLOP — 5.3%

2. Monthly highlighted the post @TALON

• Prometheus x Spook: Prometheus ransomware rebranded Spook ransomware.
• Haron Season2: Rebranding in progress

[SoM] 2021 Oct | EN | Story of the Month: Ransomware on the Darkweb was originally published in S2W BLOG on Medium, where people are continuing the conversation by highlighting and responding to this story.

Article Link: [SoM] 2021 Oct | EN | Story of the Month: Ransomware on the Darkweb | by S2W | S2W BLOG | Medium