December 2024 Threat Trend Report on Ransomware summarizes counts of new samples, damaged systems, and targeted companies based on AhnLab detections and DLS postings by ransomware groups. It highlights exfiltration to public web services via Dedicated Leak Sites as a method to publicly expose victims, noting notable Korean and international incidents #AhnLab #DedicatedLeakSite #RansomwareGroups
Keypoints
- The report combines new ransomware sample counts, damaged systems, and targeted companies from AhnLab detections and DLS postings.
- Ransomware groups publish targeted business data on Dedicated Leak Sites to publicly expose victims.
- Statistics rely on ATIP infrastructure data and ASD-collected information.
- December activity shows a similar number of new samples to November.
- Major Korean and international ransomware issues are highlighted.
MITRE Techniques
- [T1567.002] Exfiltration to Public Web Service β Ransomware groups post targeted business information on their Dedicated Leak Site (DLS) to publicly expose victims. ‘statistics on targeted businesses posted on the ransomware groupsβ DLS’
Indicators of Compromise
- [MD5] MD5 hashes of new ransomware samples observed in December/November β 039f85a7670428430274476cbe733db4, 54e383ca658ebd3caaf586f032f1c401, 61d7585b5702d195bc35e0be2f75915c, 834c7fd865eee5f7e17a3a1fb62e7051, c5c47f7a17ef4533d1c162042aa0313b
- [URL] Source β https://asec.ahnlab.com/en/85604/
Full Research: https://asec.ahnlab.com/en/85604/