Ongoing: New Ransomware Gangs in 2024

2023 was a year that saw ransomware continuously break records, and while the usual  suspects LockBit and BlackCat represented 38% of all reported attacks, we also saw around 29 new ransomware gangs begin operations last year.

Notable newcomers in 2023 included Akira, who were responsible for over 50 attacks and Rhysida who made headlines with attacks on organizations including the British Library and Prospect Medical.

We all know of the notorious groups that have been around for a number of years who, of course, are still making headlines with their notable attacks, but it is also important to watch those new groups who are emerging and starting to make waves in the ransomware landscape.

This year, we’ve decided to track new ransomware gangs and their victims and will keep you updated as and when we discover them.

Slug

Victims claimed: AerCap

Abyss

Victims claimed: Micrometals, Synergy Financial Group, Vida Diagnostics, Deltron, TransAxle, Posen Architects, MRA, Van Wingerden Family, Sunharbour Manor, NEI, The Yarco Companies, IAM Design, Lindquist Insurance, Ramey Wine Cellars, Rangam

Mydata

Linked to Alpha ransomware

Victims claimed: Integrity, CARRI Systems, Gadot Biochemical Industries, Levelwear, A24 Group, The Mike Ferry Organization, Eland Energy, BM Catalysts. Consorzio Innova, Geodis, First Texas Alliance Corp

nSafe

Victims claimed: Hartl European Transport Company, American International College

Ransomhub

Victims claimed: YKP, Headwater Companies, Al Shefa Farm, Headwater Companies, Benthanh Group, Shooting House, SP Mundi, Merchant ID, Hozzify, SIEA, DVT Technology Ltd, Rekamy, Scadea Solutions, Computan, Kovra, SBM and Co, McKim & Creed, PGESCo, La Pashina, Woodsboro ISD, Avant IT, Agencia Host, Better Accounting Solutions, Carrozzeria Aretusa, UnitedHealth Group, Florio Pharmacy Napoli, Skyway Coach Lines, Baca County, Robeson County Sheriff’s Office, Grupo Cuevas, Empresa De Energia Del Bajo Putumayo, Mercatino, FabricaInfo, CYNC Solutions, Harman Realtors, Europeanprof, R H Bluestein, Design Intoto, Jute Trading, Precision Time Systems

Trisec

Victims claimed: Cogans Carrigaline, The Center for Molecular Medicine, AIVI Italian Association of Veterinary Hygienists

Mogilevich

Victims claimed: Infiniti USA, Bazaarvoice, Department of Foreign Affairs Trade Ireland, Epic Games, DJI China, Kick, Shein

Blackout

Victims claimed: Centre Hospitaliter , Metal 7, Hospitaltechnik Planungsgesellschaft

Donex

Victims claimed: Van der Helm, P Fleet, Elsap, Chocotopia

Handala

Victims claimed: ROTEC Reverse Osmosis Technologies, Aleph Farms, Kogol Unitrade, ArrowNet, Arad Textile, Massad College, Israel Study Center, Smart College, 99Digital

Kill

Victims claimed: Politia Romana, Paschim Banga Gvamiri Bank, Kerala Police, Rabitbd, Delhi Police Headquarters

Red

Victims claimed: Aluminium Trailer, Southco Industries, Bay State College, Kogok Corporation, Tecnolight, Soluciones Logisticas Sauceda, SAG Global, Thor Data, Como Hotels, Bendall & Mednick, K2 Systems, Targus

Dark Vault

Reports and speculation are beginning to suggest that Dark Vault may be an rebranding attempt by LockBit.

Victims claimed: Hawk SCADA, HireBus, EZ Truck Solutions, Zane Benefits, Baheya Beauty, Tommy Club, THSP Risk Management, Qint, Bigtoe Pose, AtriLine

Embargo

Victims claimed: NorthBay HealthCare, Mulford Construction

Qiulong

Victims claimed: Lincoln Graca Neto, Rosalvo, Willian Segallin, Andrea Rechia, Hominem Clinic

APT73

Victims claimed: Trifecta Technologies

dAn0n

Victims claimed: O’Connell Mahon Architects, RSH Legal, Semilab

This information has been collated from various online sources.

Last updated 04/26/2024 at 09:41GMT