We just saw one of the biggest months of ransomware ever recorded

September was huge, but Cl0p was nowhere to be seen

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

There were 514ransomwareattacks in September 2023 alone, making it a record month for this type of cybercrime, new figures from NCC Group have claimed.

As per the report, not only was it a record-breaker when it came to the number of attacks, but also when it comes to the number of attackers. The only month that came even remotely close to in 2023 was March, and that month counted 459 attacks. Back then, most of the attacks reported came as a result of the GoAnywhere MFT incident, done by the (apparently) Russian group Cl0p.

This time around, Cl0p was almost dormant, with three other groups dominating the “charts”: LockBit 3.0 with 79 attacks, LostTrust with 53, and BlackCat with 47. If you don’t know who LostTrust is, you can be excused, as this is a relatively new player on the board. In its writeup, BleepingComputer said LostTrust might be a rebrand of MetaEncryptor, as the code for both overlaps significantly.

4,000 attacks

4,000 attacks

Other notable mentions include RansomedVC. Besides the usual threats of data leaks, this group also threatens to report the victim to its national data protection watchdog, as the breach would effectively mean the victim is in violation of the General Data Protection Regulation (GDPR). RansomedVC successfully compromised 44 victims.

What’s more, every fifth attack in September was done by a new entrant. The majority of the attacks took place in North America (50%), followed by Europe (30%), and Asia (9%). The attackers were most interested in the industrial sector (169 attacks), the consumer industry (94 attacks), and technology (52).

So far this year, there have been a total of almost 3,500 attacks, NCC Group says, suggesting that we’ll probably surpass (or at least, get close to) the 4,000 mark by the end of the year.

ViaBleepingComputer

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set