This report outlines the increase in ransomware activity, highlighting the number of new samples and targeted businesses in March 2025. It emphasizes the rising trend in ransomware threats and provides insights into the operations of various ransomware groups. Affected: ransomware groups, targeted businesses
Keypoints :
- Significant increase in new ransomware samples detected in March compared to February.
- Statistics are based on detection names by AhnLab and data from Dedicated Leak Sites (DLS) of ransomware groups.
- Report includes detailed analysis on targeted businesses by various ransomware groups.
- Data on targeted businesses may include delays or uncollected data from certain ransomware groups.
- Specific MD5 hashes of ransomware samples are provided in the report.
MITRE Techniques :
- T1486 – Data Encrypted for Impact: Encryption of files to extort victims.
- T1203 – Exploitation for Client Execution: Exploiting software vulnerabilities to deliver ransomware.
- T1071 – Application Layer Protocol: Using application layer protocols for C2 communications.
- T1102 – Web Service: Leveraging web-based services for data exfiltration.
- T1490 – Inhibit System Recovery: Disabling recovery options to prevent restoration of systems.
Indicator of Compromise :
- [MD5] 0168a4daa9598e991e140057e59438f6
- [MD5] 2a5bad4cc201bc2f5314e35f4ded7144
- [MD5] 3496e044b41712adf5fdc7725485f922
- [MD5] 4295f428f19463fba72ed293b8beb0c1
- [MD5] 8cc69beceb9be0239125affffe902401
Full Story: https://asec.ahnlab.com/en/87445/
Views: 27