FlagThis

The RansomHub ransomware group has rapidly risen to prominence, surpassing other cybercriminal organizations in a short amount of time. This surge in activity is directly linked to the disruptions experienced by LockBit and ALPHV. RansomHub emerged earlier this year and is suspected to be a rebrand of the Knight ransomware group, quickly absorbing affiliates from LockBit after their law enforcement takedown, and later capitalizing on the void left by ALPHV/BlackCat's exit scam.

The group has made headlines by aggressively naming and shaming hundreds of organizations on its leak site, demanding exorbitant payments across various industries. Within six months of operations, RansomHub claimed 210 victims, attracting the attention of the FBI, CISA, and other government agencies. This includes major organizations such as Christie’s, Frontier Communications, Rite Aid, and Planned Parenthood among many others. RansomHub's malware has also become the preferred tool for other sophisticated criminal actors, further solidifying their position as a significant threat.

ImgSrc: ciso2ciso.com

References:

• CISO2CISO.COM & CYBER SECURITY GROUP - How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise – Source: go.theregister.com - 9d
• The Register - Security: Research - How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise - 9d
• @jos1264 - How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise – Source: go.theregister.com - 9d
• @theregister - How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise - 9d
• go.theregister.com - How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise - 9d
• ciso2ciso.com - How cops taking down LockBit, ALPHV led to RansomHub’s meteoric rise - 9d

Classification:

• HashTags: Ransomware RansomHub Cybercrime
• Company: RansomHub
• Target: Organizations
• Product: RansomHub
• Feature: ransomware
• Type: Ransomware
• Severity: Major