In the month of February, 962 organizations worldwide fell victim to ransomware: a record according to figures from Bitdefender.
Bitdefender concludes in a report that February saw a record number of ransomware attacks. A total of 962 victims were reported, which would be an increase of 126 percent compared to February 2024. The Clop group was responsible for 335 of these attacks. The epicenter of the attacks was in the United States, with several dozen victims in Europe. Bitdefender’s figures are in line with those of other security companies observing an increase in ransomware.
read also
Ransomware in 2024: more attacks, more perpetrators
Bitdefender’s analysis shows that ransomware groups are increasingly exploiting vulnerabilities in internet-accessible software. As soon as a new security flaw is made public, cybercriminals scan the internet within 24 hours looking for vulnerable systems. They then gain access and begin manual attacks. The actual ransomware attack or data theft often occurs weeks or months later.
Vulnerable Software
Two vulnerabilities discovered in late 2024 in the Cleo software, CVE-2024-50623 and CVE-2024-55956, proved to be popular targets. Both flaws, with a severity score of 9.8 out of 10, made it possible to execute commands remotely. Although these vulnerabilities were known in October and December 2024, most attacks occurred in February.
In addition to the record numbers of ransomware attacks, the report brought to light several notable developments. There are groups using deepfakes or even webcams to bypass detection and deploy ransomware. Double extortion is also becoming more common, especially by new ransomware groups emerging on the scene.
Bitdefender advises organizations to actively detect threats, implement patches quickly, and use advanced detection systems. This can help stop ransomware attacks in a timely manner.