Ransomware groups are cybercriminal organizations specialized in deploying malware that encrypts victims’ data, making this information inaccessible. Once the data has been encrypted, these groups typically demand a ransom, often paid in cryptocurrency, in exchange for the decryption key enabling victims to recover their data. These attacks can target individuals, businesses, government institutions or critical infrastructures, causing major disruption and considerable financial loss.
Over the years, several ransomware groups have emerged and gained notoriety for their large-scale attacks and exorbitant ransom demands. These groups use sophisticated techniques, exploit vulnerabilities and constantly adapt their methods to evade detection and maximize their profits. In addition to encrypting data, some also threaten to divulge sensitive information if they don’t receive payment, adding an extra dimension of blackmail to their operations.
For security reasons, we voluntarily limit the disclosure of detailed information about our specific tools. Our cyber watch unit constantly monitors the activity of ransomware groups.
LockBit made its debut in 2019. It primarily targets large organizations and uses military-grade encryption technology to hold organizations' IT systems hostage.
The digital enemy to watch closely in 2023... BlackCat ransomware, also known as Alphv ransomware, is considered to be one of the most sophisticated types of malware.
Pysa ransomware has emerged as a major threat in the cyberthreat landscape. It was first reported by the Federal Bureau of Investigation (FBI) due to its increased activity and high impact.
The Monti ransomware stands out for its targeted cyberattacks and sophisticated infiltration strategy. Although still relatively new, it has already inflicted considerable damage on several organizations.
The Hive ransomware was a ransomware-as-a-service (RaaS) operation run by the eponymous cybercriminal organization between June 2021 and January 2023. Its main target was public institutions.
Browse our knowledge base. We have compiled the available data on the following Ransomware strains
On August 26, 2025,ESET researchers announced a significant discovery: PromptLock, the first known ransomware to use artificial intelligence to generate its malicious scripts in real
In just a few months, DragonForce has established itself as one of the most feared ransomware groups of 2025. Behind this name lies a cybercriminal
Since August 2023, INC Ransom has established itself as a major cybercriminal player in the international IT security arena. Specializing in double extortion, this group
Imagine ransomware that no longer encrypts your data, but terrorizes you just the same. This is the reality of Worldleaks, the criminal group revolutionizing digital
The ransomware landscape has been marked by the meteoric emergence ofa particularly formidable new player: the Interlock group. First appearing in September 2024, this criminal
The current ransomware landscape continues to evolve, with new and increasingly sophisticated ransomware emerging regularly. Among the most recent players to hit the cybersecurity scene,
The cybercriminal landscape of 2025 is undergoing a major evolution with the striking emergence of Safepay. Safepay is a ransomware group that has established itself
The IT threat landscape has just welcomed a particularly worrisome new player. SuperBlack, a sophisticated ransomware that appeared in early 2025, is rapidly establishing itself
A surprise attack on one of the most powerful cybercrime groups In a stunning turn of events, the LockBit ransomware group, long considered a formidable
The cyberthreat landscape continues to evolve, with malicious actors becoming ever more determined and organized. Among these groups, the Qilin ransomware has emerged as one
As you know, cybersecurity threats are constantly evolving, and new players are appearing all the time. Today, we’re focusing on Akira, a ransomware group that
Known as far back as June 2022, the Play (or PlayCrypt) ransomware is a leading malicious actor spreading terror across the digital landscape. The Play
