New ransomware groups undeterred by increasing law enforcement action

Ransomware attacks continue to increase despite significant changes in ransomware variants over the past few months due to sweeping law enforcement actions against ransomware groups, including Avaddon, Cl0p, BlackMatter, Egregor, DarkSide, and REvil, according to The Hacker News. A report from Intel 471 associated 612 ransomware attacks from July to September to 35 ransomware variants, with nearly 60% of the infections linked to the LockBit, Conti, BlackMatter, and Hive ransomware operations. Most of the ransomware attacks were targeted at companies in the manufacturing, consumer and industrial products, professional services, and real estate industries. "While law enforcement around the world has gotten more aggressive in their efforts to arrest those behind attacks, developers are still easily shutting down popular variants, laying low, and coming back with finely-tuned malware used by themselves as well as affiliates. As long as the developers can remain in countries where they are granted safe harbor, the attacks will continue, albeit with different variants," said researchers.