recover from ransomware in HOURS, NOT DAYS or WEEKS.

Halcyon Ransomware Malicious Quartile Q2 2023

Explore the latest reports by the experts at Halcyon

January 26, 2024
Halcyon Research Team
Download PDF

Executive Summary

More than 2,300 organizations succumbed to ransomware attacks in just the first half of 2023 according to the most recent data, with the vast majority carried out by only three ransomware operators: LockBit (35.3%), ALPHV/BlackCat (14.2%), and Cl0p (11.9%).

Overall, ransomware attacks were up 74% in Q2-2023 over Q1 volumes. No, the ransomware problem is not going away. Ransomware attacks continue to be extremely lucrative, with ransom demands and recovery costs bleeding victim organizations for millions of dollars. Ransomware-as-a-Service (RaaS) and other operators are implementing novel evasion techniques into their payloads specifically designed to evade or completely circumvent traditional endpoint protection solutions. The players change fast in this space as RaaS groups and other ransomware operators rise and fall with law enforcement takedowns or disband and reorganize under different brands.

The Halcyon team of ransomware experts has put together this extortion group power rankings guide as a quick reference for the extortion threat landscape based on data from throughout Q2- 2023 (the Q1-2023 report can be found here, and the full 2022 report can be found here).

Other Reports

Cookie Consent

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.