The Week in Ransomware - May 19th 2023 - A Shifting Landscape


Level 78
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
In the ever-shifting ransomware landscape, we saw new ransomware gangs emerge, threat actors return from a long absence, operations shifting extortion tactics, and a flurry of attacks on the enterprise.

Over the past few weeks, we have reported on new ransomware operations that have emerged in enterprise attacks, including the new Cactus, Akira, RA Group operations.

This week a relatively new operation named Abyss hit L3Harris, a $17 billion defense company, shifting them into the spotlight.

We also learned about MalasLocker, a ransomware operation targeting Zimbra servers since March. The hackers also have an unusual extortion tactic, demanding victims donate to an approved charity to receive a decryptor and prevent a data leak.

Whether or not the ransomware gang will keep to the arrangement or if this is just an interesting marketing campaign is too soon to tell.

As for shifting extortion tactics, a joint FBI and CISA report confirmed that the BianLian ransomware operation has switched to extortion-only attacks after Avast released a decryptor.

We also learned about new attacks and significant developments in previous ones:
Finally, researchers and law enforcement released new reports:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.