A recent analysis reveals the top 10 cybercrime and ransomware groups that have claimed the most victims, emphasizing the rise in cyberattacks by a small number of active threat actors.

Top Cybercrime Groups Drive Majority of Victimization
The chart shows that Qilin has the highest number of known victims, significantly outpacing others. Security researchers attribute Qilin’s success to its aggressive targeting strategy and broad operational reach.
Qilin is followed by Snobi and Akira in the rankings, as they persist in their efforts against businesses, healthcare, and manufacturing sectors. These groups use double-extortion tactics, encrypting data while stealing it to heighten pressure on victims.

The dataset shows that 618 victims were recorded in January 2025. In January 2026, 285 victims had been recorded as of 15 January, according to ransomware.live. By comparison, 292 victims were recorded in January 2024.

Manufacturing and Technology Lead Ransomware Targeting in Early 2026

The dataset shows that manufacturing is the most-targeted sector in 2026, with 39 victims. The technology sector is second, with 33 victims. Healthcare and construction are third and fourth, with 20 and 15 victims respectively.

Data from early 2026 shows that ransomware is mainly targeting the manufacturing and technology sectors, as highlighted in the January 2026 distribution figures.
Sector distribution per month in % (2026):
Manufacturing 20.3%
Technology 17.5%
Healthcare 10.6%
Construction 7.9%
Business Service 5.8%
Others 31.2%

Threat Landscape Implications
Cybersecurity experts caution that the concentration of attacks among a few groups raises the threat of large, coordinated campaigns against areas with weaker defenses. Many of these groups take advantage of:
Unpatched vulnerabilities
Exposed RDP and VPN services
Stolen or reused credentials
Weak backup and incident response practices
What Organizations Should Do
Security teams are advised to:
Monitor for ransomware indicators of compromise (IOCs)
Strengthen backup, recovery, and incident response plans
Prioritize patch management and vulnerability scanning
Implement multi-factor authentication (MFA)
