Intel 471 releases quarterly ransomware report.

Intel 471 released a report today highlighting ransomware activity in Q3 2022. 455 ransomware attacks were observed in this quarter, which is a decrease by 72 from Q2. North America, Europe, Asia, South America, Oceania, Africa and the Middle East were the most affected regions.

LockBit 3.0.

LockBit 3.0 was found to be the most prominent ransomware variant, coming in at 192 detected breaches. Professional services, consulting, and manufacturing were found to be the most impacted industries by LockBit. LockBit’s builder was leaked on Twitter in September of this year, and it is possible that a decrease will be observed in LockBit use in Q4.

Black Basta.

The Black Basta ransomware attacked 50 organizations this quarter. Consumer and industrial products were the most targeted industry by the ransomware, and attacks on the US accounted for 62% of all attacks. This ransomware took Conti’s spot as the second most observed ransomware following its dissolution.

Hive.

42 attacks were seen by the Hive ransomware group this quarter, and most greatly impacted the US and UK. Consumer and industrial products were the most affected sector by this ransomware. In August of this year, an alleged Hive threat actor revealed phishing emails are the initial attack vector.

ALPHV.

ALPHV ransomware was observed in use in 30 breaches this quarter. Real estate and professional services and consulting were the most impacted sectors. In September, the supposed leader of the ALPHV RaaS affiliate program claimed the group targeted many systems of critical infrastructure.