2023 was a year that saw ransomware continuously break records, and while the usual suspects LockBit and BlackCat represented 38% of all reported attacks, we also saw around 29 new ransomware gangs begin operations last year.
Notable newcomers in 2023 included Akira, who were responsible for over 50 attacks and Rhysida who made headlines with attacks on organizations including the British Library and Prospect Medical.
We all know of the notorious groups that have been around for a number of years who, of course, are still making headlines with their notable attacks, but it is also important to watch those new groups who are emerging and starting to make waves in the ransomware landscape.
This year, we’ve decided to track new ransomware gangs and their victims and will keep you updated as and when we discover them.
January
Slug
Victims claimed: AerCap
Abyss
Victims claimed: Micrometals, Synergy Financial Group, Vida Diagnostics, Deltron, TransAxle, Posen Architects, MRA, Van Wingerden Family, Sunharbour Manor, NEI, The Yarco Companies, IAM Design, Lindquist Insurance, Ramey Wine Cellars, Rangam, Wold Architects and Engineers
Mydata
Victims claimed: Integrity, CARRI Systems, Gadot Biochemical Industries, Levelwear, A24 Group, The Mike Ferry Organization, Eland Energy, BM Catalysts. Consorzio Innova, Geodis, First Texas Alliance Corp
nSafe
Victims claimed: Hartl European Transport Company, American International College
February
Ransomhub
Victims claimed: YKP, Headwater Companies, Al Shefa Farm, Headwater Companies, Benthanh Group, Shooting House, SP Mundi, Merchant ID, Hozzify, SIEA, DVT Technology Ltd, Rekamy, Scadea Solutions, Computan, Kovra, SBM and Co, McKim & Creed, PGESCo, La Pashina, Woodsboro ISD, Avant IT, Agencia Host, Better Accounting Solutions, Carrozzeria Aretusa, UnitedHealth Group, Florio Pharmacy Napoli, Skyway Coach Lines, Baca County, Robeson County Sheriff’s Office, Grupo Cuevas, Empresa De Energia Del Bajo Putumayo, Mercatino, FabricaInfo, CYNC Solutions, Harman Realtors, Europeanprof, R H Bluestein, Design Intoto, Jute Trading, Precision Time Systems, Polaris, Extra, Universidad Nacional Autonoma de Mexico, Islamic Emirat of Afghanistan National Environmental Protection Agency, NRS Healthcare, Thaayakam, Kamo Jou Trading
Trisec
Victims claimed: Cogans Carrigaline, The Center for Molecular Medicine, AIVI Italian Association of Veterinary Hygienists
Mogilevich
Victims claimed: Infiniti USA, Bazaarvoice, Department of Foreign Affairs Trade Ireland, Epic Games, DJI China, Kick, Shein
Blackout
Victims claimed: Centre Hospitaliter , Metal 7, Hospitaltechnik Planungsgesellschaft
March
Donex
Victims claimed: Van der Helm, P Fleet, Elsap, Chocotopia
Handala
Victims claimed: ROTEC Reverse Osmosis Technologies, Aleph Farms, Kogol Unitrade, ArrowNet, Arad Textile, Massad College, Israel Study Center, Smart College, 99Digital, Kashin Distillery, HIGH Group
Kill
Victims claimed: Politia Romana, Paschim Banga Gvamiri Bank, Kerala Police, Rabitbd, Delhi Police Headquarters
Red
Victims claimed: Aluminium Trailer, Southco Industries, Bay State College, Kogok Corporation, Tecnolight, Soluciones Logisticas Sauceda, SAG Global, Thor Data, Como Hotels, Bendall & Mednick, K2 Systems, Targus
April
Victims claimed: Hawk SCADA, HireBus, EZ Truck Solutions, Zane Benefits, Baheya Beauty, Tommy Club, THSP Risk Management, Qint, Bigtoe Pose, AtriLine, Sandip University, IKF Home Finance, Eskarabajo, Ale Educacao e Tecnologia
Embargo
Victims claimed: NorthBay HealthCare, Mulford Construction, Firstmac
Qiulong
Victims claimed: Lincoln Graca Neto, Rosalvo, Willian Segallin, Andrea Rechia, Hominem Clinic, Escultural
APT73
Victims claimed: Trifecta Technologies, Melting Mind, Credio, ServicePower
dAn0n
Victims claimed: O’Connell Mahon Architects, RSH Legal, Semilab, Information Integration Experts
Space Bears
Victims claimed: Fire Fighting Systems, Filesenstudio, Thinkadam, CORTEX Chiropractic & Clinical Neuroscience, Surewerx USA, SM EMBALLAGE, Mr Bean
This information has been collated from various online sources.
Last updated 05/08/2024 at 09:43GMT
Related Posts
BlackFog opens Cybersecurity R&D Headquarters in Belfast
BlackFog, a leader in ransomware protection and anti data exfiltration technology, today announced the opening of its new research and development (R&D) headquarters in Belfast, United Kingdom.
The State of Ransomware 2024
BlackFog's state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
Top 5 MSP Cyberattacks in 2023/2024
In 2023 and 2024, several high-profile cyberattacks targeted managed service providers (MSPs), disrupting services for their clients. Learn about the top 5 MSP attacks during this period, including incidents at CTS, Tietoevry, Lumen Technologies, HTC Global Services, and Südwestfalen IT.
Ransomware Focus: LockBit Attacks in 2024
Latest information on all LockBit attacks both disclosed and undisclosed in 2024
Ongoing: New Ransomware Gangs in 2024
Ransomware gangs continue to break records and BlackFog will track all new ransomware gangs in 2024.
Data Privacy vs Data Security: Why you Need to Know the Difference
Are you aware of the differences between data privacy vs data security that may impact how you develop a comprehensive protection strategy