The Hive ransomware group emerged as the third-most active hacking operation last month, surpassing BlackCat, as ransomware attacks rose by more than 50% between February and March, TechRepublic reports.
NCC Group researchers found that Hive recorded a 188% increase in attacks from February, the highest among all threat groups, while most of the group's attacks were targeted at the industrial sector, similar to the LockBit 2.0 and Conti groups.
Moreover, North America accounted for 44% of ransomware attacks last month, making it the most targeted region worldwide, while almost 90% of ransomware attacks in the region were attributed to the U.S., which had ransomware deployments rise by 48% from February to March.
The report also showed that industrials and consumer cyclicals were the most targeted sectors, with NCC Group researchers expecting continued attacks against both industries, which should prompt increased urgency in facilitating service restoration while minimizing damages and costs.
Hive ransomware group on the rise
The Hive ransomware group emerged as the third-most active hacking operation last month, surpassing BlackCat, as ransomware attacks rose by more than 50% between February and March, TechRepublic reports.
Malicious QR code messages have also been increasingly leveraged to compromise the sector, with Office 365 used to send over 15,000 of such messages to education entities, a Microsoft Threat Intelligence report showed.
Misconfigured Magento or OpenCart instances may have been targeted to facilitate the deployment of Mongolian Skimmer, which uses various event-handling methods to ensure extensive compatibility while hiding malicious activity with heavy Unicode character utilization.