The rise in earnings comes after a year when the money from ransomware dropped. But in 2023, things changed. More hackers joined in, and some big attacks brought in a lot of money. One hacking group, CL0P, made over $100 million by finding a way to break into a file-transfer service called MOVEit. This service is used by many businesses and governments. CL0P’s attack on MOVEit made it the top ransomware for a while.
More people are trying ransomware because it can be very profitable. For instance, a group called Phobos lets other hackers use its ransomware. This makes it easier for more attacks to happen, even by those who are not very skilled.
Ransomware-as-a-service gangs, like LockBit and ALPHV, have made ransomware attacks go up by 68% in 2023. The US saw almost half of these attacks. The UK, Canada, Italy, and Germany also saw many attacks. The biggest ransom asked for was $80 million by the LockBit gang from Royal Mail.
The ransomware business is now worth billions. It has its own system with different roles like access brokers and software sellers. It even has things like employee of the month awards. LockBit was the biggest name in ransomware in 2023, but others are catching up.
Hackers are also finding new ways to stay hidden. They use normal tools in a way that does not look suspicious to carry out their attacks. This makes it hard to notice them. Malvertising, or harmful ads, also came back in 2023. These ads trick people into downloading malware.
Attacks on phones and computers have gotten more sophisticated. Android banking trojans were found 88,500 times. They pretend to be normal apps to steal banking details. Macs are also targeted more because they are used by many businesses.
As we moved into 2024, companies had smaller IT and security teams and budgets, making it a challenge to fight against these attacks.