Crimeware Report | Trends and Highlights from Q3 2023

Crimeware Report
Trends and Highlights Q3 2023

Arete's latest Crimeware Report leverages data collected during Arete incident response engagements and explores the rise and fall of ransomware variants, trends in ransom demands and payments, critical infrastructure impacts, and geopolitical implications.  

Overview

Top Ransomware Variants

ALPHV/BlackCat dethroned LockBit as the most prevalent ransomware variant Arete observed in Q3, as LockBit encountered internal instability.
The number of identified threat groups has declined, but the variety of ransomware branding has increased.

Trends in Ransom Demands and Payments

Arete's data shows that a ransom was paid in just 17% of cases in Q3.
Ransomware groups demand the highest average ransoms from Critical Infrastructure ($440K) and Financial Services Companies.
Cl0p continues targeting high-revenue organizations and demanding outsized ransoms.

Geopolitical Impacts

Over 100 cyber threat groups are engaging in malicious cyber activity surrounding the conflict between Israel and Hamas in the Middle East.

Crimeware ReportTrends and Highlights Q3 2023

Download the Report

Crimeware Report
Trends and Highlights Q3 2023