Ethical Hacking News
Ransomware has continued to climb in 2025, despite efforts to combat it. The number of victims on extortion sites increased by over 50 percent compared to 2023, with more than 8,000 claimed victims tracked worldwide. As the threat landscape continues to evolve, cybersecurity experts will need to adapt their strategies to address the evolving tactics used by attackers.
The number of victims on extortion sites increased by over 50% compared to 2023, with more than 8,000 claimed victims worldwide. The count of active ransomware crews rose to well over three figures by the end of 2025. A messy landscape of smaller outfits popping up and disappearing under new names is now prevalent. Ease of distribution, social engineering tactics, and changing threat landscapes are contributing factors to the resurgence of ransomware attacks. Efforts to combat ransomware have not led to a decrease in overall attack numbers, with gangs resurfacing under new names or affiliations.
The 2025 State of Ransomware in the US report from security firm Emsisoft paints a grim picture for businesses and individuals alike, as ransomware attacks continued to climb, despite efforts to combat them. According to the report, the number of victims on extortion sites increased by over 50 percent compared to 2023, with more than 8,000 claimed victims worldwide tracked by trackers monitoring dark web shaming pages.
This surge in ransomware attacks marks a significant shift from previous years, where law enforcement and cybersecurity experts made progress in taking down ransomware gangs. In 2025, however, Emsisoft's numbers suggest that there are more gangs operating than ever before, with the count of active ransomware crews rising to well over three figures by the end of 2025.
Instead of a handful of mega-brands dominating the ransomware scene, the report reveals that there is now a messier landscape, with numerous smaller outfits popping up and disappearing under new names as affiliates drift between operations. This trend has left law enforcement agencies struggling to keep pace with the ever-evolving threat landscape.
The reasons behind this resurgence are multifaceted. Firstly, the ease of distribution and dissemination of malware has made it easier for attackers to spread their ransomware campaigns. Secondly, the proliferation of social engineering tactics such as phishing, stolen logins, and social engineering have enabled gangs to bypass perimeter defenses more effectively. And finally, the changing nature of the threat landscape has led to a churning of affiliates, with new names emerging as old ones fade away.
According to Emsisoft's threat intelligence analyst Luke Connolly, this dynamic continues to fuel the persistence of ransomware attacks. As long as there are numerous affiliates and social engineering remains effective, victim counts will continue to rise. The churning nature of the affiliate ecosystem means that even efforts to take down one group can lead to others emerging in its place.
This trend has significant implications for businesses and individuals alike. With more than 8,000 claimed victims worldwide, Emsisoft's report paints a grim picture of a threat landscape where ransomware attacks continue to climb despite efforts to combat them. As the threat evolves, cybersecurity experts will need to adapt their strategies to address the evolving tactics used by attackers.
Furthermore, this resurgence highlights the limitations of current law enforcement efforts in taking down ransomware gangs. While there have been notable successes in recent years, such as the global takedown of BlackSuit in August 2025, these victories have not led to a decrease in overall attack numbers. Instead, the gangs behind these attacks seem to be resurfacing under new names or affiliations.
The reasons for this resilience are complex and multifaceted. However, one factor that stands out is the ease with which attackers can change their tactics and strategies. As cybersecurity experts work to develop new tools and techniques to combat ransomware, it becomes increasingly difficult to adapt to these shifting tactics.
In conclusion, the 2025 State of Ransomware in the US report provides a concerning snapshot of a threat landscape that continues to evolve and persist despite efforts to combat it. As the threat landscape changes and adapts, cybersecurity experts will need to work closely with law enforcement agencies to develop effective strategies for mitigating these attacks.
As we continue to navigate this complex threat landscape, one thing becomes clear: the war against ransomware is far from over.
Related Information:
https://www.ethicalhackingnews.com/articles/Ransomware-Rides-Again-The-Resurgence-of-a-Persistent-Cyber-Threat-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/08/ransomware_2025_emsisoft/
Published: Thu Jan 8 09:03:06 2026 by llama3.2 3B Q4_K_M
