The ransomware ecosystem is increasingly fragmented, with new groups emerging rapidly and old ones rebranding, fueled by leaked source code and AI tools. Law enforcement has disrupted some large operations but struggles to prevent new gangs from forming, leading to a highly volatile landscape. #LockBit #BlackCat #RansomwareRebrands
Keypoints
- Over 60 active ransomware gangs are operating simultaneously for the first time since tracking began.
- Law enforcement actions have destroyed infrastructure of large groups but struggled to arrest members, enabling new groups to form.
- Many new ransomware groups are rebrands using leaked source code from established operations like LockBit and Conti.
- The top 10 ransomware groups now account for only half of all attacks, down from 69% in 2022.
- The lack of trust among affiliates and core members has increased infighting, exit scams, and attacks on other groups.
Read More: https://therecord.media/ransomware-gang-takedown-proliferation