Kela reveals ransomware victims and network access sales for Q3

Share post:

According to a new report by Israeli cyber intelligence firm KELA, hackers are selling access to 576 corporate networks worldwide for a total sale price of $4 million.

LockBit, Black Basta, Hive, Alphv (aka BlackCat), and BianLian were the most prolific ransomware and data leak actors in the third quarter, according to the report, with the latter being a relatively new ransomware gang. Professional services were the sector most targeted by ransomware attackers and data leak actors in the third quarter of 2022. 55% of attacks in this sector were carried out by LockBit, Alphv, and Hive.

The USA is still the country that is most targeted, with 40% of ransomware and extortion attacks that affect U.S. companies in the third quarter, followed by ransomware and data leaks from companies in Great Britain, France, Germany and Spain. There are also new data leak sites and ransomware blogs of the quarter, including Yanluowang, BianLian, 0mega, Daixin Team, Donut Leaks.

KELA discovered more than 570 network access listings for sale in the third quarter of 2022 with a total offer price of approximately $4 million and an average access price of between $1,350 and $2,800. Threat actors offered more expensive listings in the third quarter, although the total number of listings remained nearly constant. In the third quarter, there were approximately 190 access listings per month, slightly more than in the second quarter.

In KELA, single access was also offered for sale at the astronomical price of $3 million, although the number of sales for network access remained roughly the same as in the previous two quarters. However, due to concerns about its authenticity, this list was not included in the statistics and totals of the third quarter 22.

The sources for this piece include an article in BleepingComputer.


Related articles

Cyber Security Today, June 21, 2024 – US to ban Kaspersky for businesses, consumers

U.S. to ban the sale of Kaspersky products to consumers and businesses. Welcome to Cyber Security Today. It's Friday...

Biden administration to ban US sales of Kaspersky software over ties to Russia

The Biden administration is set to announce a ban on the sale of Kaspersky Lab's antivirus software in...

Security bug may allow anyone to spoof Microsoft employee emails

A security researcher claims to have discovered a bug that enables anyone to impersonate Microsoft corporate email accounts,...

Cyber Security Today, June 19, 2024 – How an attacker hid on an IT network for three years

How an attacker hid on an IT network for three years Welcome to Cyber Security Today. It's Wednesday June...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways