Pierluigi Paganini February 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide.

A comprehensive report delving into the intricate landscape of ransomware threats during the last four months of 2023 is out, with a meticulous focus on the monitoring activities conducted by the OSINT Ransomfeed platform (www.ransomfeed.it). Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities. The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. This report meticulously scrutinizes the geographical localization of these attacks, as well as the industries predominantly targeted.

As customary, the ensuing data, as reiterated, were procured via the primary activity of the Ransomfeed platform, involving periodic scraping from various renowned dark websites. For this report, the focus is directed toward the outcomes gathered concerning the third quarter of the past year, commencing with a global overview encompassing all monitored ransomware groups and culminating with a specific emphasis on Italy.

During this period of 2023, the platform meticulously monitored 185 cybercriminal groups operating with ransomware technologies across over 342 servers and mirrors, consequently tallying a definition of 1771 ransomware claims identified globally.

The months of May, June, July, and August each presented unique challenges in the realm of cybersecurity. Remarkably, December emerged as the most prolific month of the four months with 484 attacks, closely trailed by November with 482, September with 458, and October with 347. Notably, the year’s end witnessed an escalation in criminal claims, almost akin to concluding a productive year. Let us now delve into the detailed breakdown of the days.

This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

In conclusion, the report underscores the paramount importance of international collaboration and the adoption of advanced defense strategies to effectively counter the burgeoning phenomenon of ransomware threats and safeguard the integrity of data and information systems.

Ransomfeed trusts this report (results of no-profit activity) will serve as a vital resource for cybersecurity professionals, researchers, and stakeholders alike, providing valuable insights into the evolving ransomware landscape and paving the way for robust defense mechanisms against such malicious activities.

The complete report is available here:

https://ransomfeed.it/data/reports/2023/DRM-Report-Q3-2023-%5BENG%5D.pdf

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – Hacking, ransomware)