Top 5 ransomware groups and malware delivering ransomware in 2024

Image via Unsplash

Cofense Intelligence has announced research revealing the most prominent five ransomware groups. The ransomware groups are:

LockBit 3.0
BlackCat
BianLian
Akira
BlackSuit

Among RaaS groups, LockBit 3.0 is the most active. This organization predominantly targets the healthcare and public health sector, utilizing a variety or approaches such as IABs, phishing campaigns and direct attacks. A quality of LockBit3.0 is the ability to customize many facets, including the use of modules, making detection difficult for security enterprises.

Furthermore, the report identifies the most commonly deployed malware delivering ransomware. The top delivery methods are:

DarkGate RAT
Remcos RAT
Async RAT
XWorm RAT
ConnectWise RAT

Most commonly, DarkGate RAT has been observed being delivered via an attached Office document. In the document, there is typically a link that, when clicked, will deliver the DarkGate RAT binary.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.