Jack Cable, a information designer astatine Krebs Stamos group, and a erstwhile U.S. Cybersecurity and Infrastructure Security Agency worker, has started a ransomware payments tracking tract called Ransomewhere.
Because bitcoin transactions are public, you tin see—if you look—who's getting paid however much.
Ransomwhe.re keeps a running tally of ransoms paid based connected anonymous self-reporting by the victims of ransomware. The afloat database is disposable for escaped to researchers and each enforcement.
SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)
So, who's getting the astir ransom money? As of the penning of this script, present are the apical five.
- $12.7 cardinal successful bitcoin to Conti. The radical down Conti whitethorn beryllium the aforesaid enactment down the Ryuk ransomware. The onslaught against Ireland's Health Service is attributed to Conti.
- $12.1 cardinal successful bitcoin to REvil/Sodinokibi. They're not the lone 1 that offers ransomware arsenic a work but they were 1 of the astir palmy astatine it. Their highest illustration onslaught was against the Casey desktop absorption service, but they besides attacked the U.S. subject contractor HX5. However, connected July 13, 2021, REvil infrastructure unopen down.
- $4.6 cardinal successful bitcoin to Darkside. The onslaught against the Colonial Pipeline strategy is attributed to Darkside arsenic is an onslaught against Toshiba. Its malware shares a batch of codification with REvil's. On May 14, 2021, Darkside announced it had mislaid entree to its outgo server, blog and funds.
- $4.5 cardinal successful bitcoin to RagnarLocker. This radical has been astir since 2019. It has been utilized against Portugal's Energy Utility, the gaming institution Capcom and much recently, DRAM and NAND flash shaper ADATA.
- $4.2 cardinal successful bitcoin to MountLocker. This ransomware effort has been precocious updated to better evade security. It's been utilized much often against Biotech companies recently. Customized versions of MountLocker from Astro Locker and XingLocker are besides retired there.
It's not reassuring to spot the ample magnitude of wealth going to ransomware, but if you request assistance making the lawsuit of wherefore it's important to hole for it, possibly this helps. And the information itself is utile astatine getting a grip connected what the threats retired determination are.
Subscribe to TechRepublic Top 5 connected YouTube for each the latest tech proposal for concern pros from Tom Merritt.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays
Sign up todayAlso see
- Apple supplier Quanta deed with $50 cardinal ransomware onslaught from REvil (TechRepublic)
- The information and privateness down IBM's Digital Health Pass (TechRepublic)
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
- Checklist: Securing integer information (TechRepublic Premium)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)