Malware threat actors were ranked in a recent report by OpenText Cybersecurity. In 2023, four new ransomware groups topped the list.
Newcomer Cl0p takes the prize for this year's nastiest malware following ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut.
The threat actors were ranked as follows:
- Cl0p, a RaaS platform that became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software.
- Black Cat has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.
- Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time.
- Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.
- Lockbit 3.0 continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.
- Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.