Ransomware Research

The CyberMaxx team of cyber researchers conducts routine threat research independent of client engagements. The purpose of our research is to help foster collective intelligence among the cybersecurity community. While conducting their research, the team discovers and analyzes ongoing ransomware attacks occurring in the wild.

The intelligence gathered from these efforts is reported on quarterly, adding further insights into previously reported activity.

For your convenience, we’ve uploaded each quarters lists of attacks to GitHub

Q1 2024 Ransomware Research Report

During the first quarter of 2024 we observed 1283 successful ransomware attacks against organizations, up 29% over the same period last year in Q1 2023 with 909 observed attacks.

Q4 2023 Ransomware Research Report

In Q4 the FBI seized AlphVs PR site, which was promptly taken back by the threat group. This cycle repeated four times before concluding.

Q3 2023 Ransomware Research Report

The AlphV Threat Group has drastically increased in activity by 400%. This group contributed 512 successful ransomware attacks to this quarter’s total volume, making up 28% of the overall figure.

Q2  2023 Ransomware Research Report

Ransomware attacks have shown a significant increase in the second quarter of 2023, with a 26% overall rise compared to the previous quarter, with Lockbit leading the pack.

Q1 Ransomware Research Report

Q1 2023 Ransomware Research Report

In the first quarter of 2023, we observed 909 successful ransomware attacks vs 1,030 in the fourth quarter of 2022, showing a 13% decrease in overall observed activity within similar timeframes.