Ransomware becomes less lucrative – com! professional

The amount of money hackers made from ransomware in the second quarter of 2022 fell noticeably compared to the beginning of the year. This is also due to the fact that companies often refuse to pay ransoms. Now the goals of the criminals are changing.

The sums of ransom payments related to cyber attacks fell sharply in the second quarter of this year. This is also due to the fact that the organizations concerned often refuse to pay the amounts requested. This is according to a report by the ransomware removal company Coveware.

Coveware analyzed data from the second quarter of 2022 and found that while the average ransom paid increased to $228,125 — an amount that Coveware said was driven by multiple outliers — the median payment decreased $36,360. This corresponds to a decrease of 51 percent compared to the first quarter.

The median ransom payments dropped noticeably

(Those: Coveware)


According to Coveware, the new numbers show a trend reversal among developers offering ransomware-as-a-service. Recently, it is no longer large companies, but increasingly medium-sized companies that are being attacked. That’s because of the more consistent returns and reduced risk that come with those goals, according to Coveware. “We’ve seen an encouraging trend among big companies not to enter into negotiations at all when the extortionists are asking for unimaginably large sums of money,” the report says.

BlackCat is the most active

Among the various ransomware groups, BlackCat has been the most active in the last quarter, leading the Coveware ranking with 16.9 percent of published attacks. Lockbit follows closely with a share of 13.1 percent.

BlackCat continues to lead the ranking

(Those: Coveware)

Double Extortion

The double racket trend continued this quarter. The hackers threaten to publish the data if the ransom demands to decrypt the stolen data are not met. This tactic was used 86 percent of the time, according to Coveware. Therefore, the company also emphasizes that in most cases, paying a ransom does not stop the attackers from demanding even more money or from distributing the stolen data anyway.

Less downtime

In several cases, stealing the data was the main goal of the extortionist and the stolen data was not additionally encrypted. As a result, the average downtime resulting from ransomware attacks dropped to 24 days. An 8 percent decrease from the first quarter of 2022.

Source: com! professional by www.com-magazin.de.

*The article has been translated based on the content of com! professional by www.com-magazin.de. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!