Q3 2024 Crimeware Report

Q3 2024 Crimeware Report

 
The report leverages data collected during Arete’s response to ransomware and extortion attacks during Q3 2024
and explores the most observed threat groups, trends in ransom demands and payments, industries targeted by ransomware
attacks, and the impact of law enforcement actions.
 

Key Findings:

 

• New ransomware groups continued to emerge throughout Q3, with some newcomers bearing similarities to
  Ransomware-as-a-Service (RaaS) organizations that previously shut down their operations or reportedly sold their source code.
• The percentage of companies and organizations paying ransoms remained low in Q3, but there was an increase
  in both initial demands and median payments made.
• In Q3, threat actors did not appear to intentionally target specific industries, unlike in Q2 when the Fog
  ransomware group regularly targeted organizations in the education sector.
• Cybercriminals continued to leverage most of the same malware variants and legitimate tools observed in
  the first half of 2024, except Cobalt Strike, which was observed notably less in Q3.

 

Leverage Arete’s data and threat intelligence from every aspect of the threat lifecycle to better understand the evolving threat landscape. We are dedicated to protecting our clients, informing our partners, and contributing to the shared fight against cyber extortion.