Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] Ransomware index report: October 2022

by Dain Oh, Areum Hwang, Sangseon Kim, Kuksung Nam, Sojun Ryu

Nov. 04, 2022
10:14 AM GMT+9

“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.

Hello, this is Dain Oh for The Readable. Last week, South Korea went through a national tragedy, which led 154 people to their deaths in the center of the city. Halloween literally turned into a nightmare. While the nation was picking up the pieces, cybercriminals did not miss an opportunity to exploit the disaster. Kuksung Nam for The Readable covered the story. Her article is also included in this week’s briefing at the bottom.

Starting today, The Readable’s subscribers can access a monthly ransomware report by S2W. The report includes specific numbers about ransomware groups and their victims in addition to the numbers of newly opened data leak sites by ransomware groups. By looking at the numbers, our readers will be able to get an idea of the overall threat landscape of the ransomware ecosystem. Sojun Ryu for The Readable provides reports representing his team’s work regarding threat intelligence.

This month’s report is available to everyone who visits our website, but it will only be open to those who subscribe our newsletters from next month. We do not bury our readers’ inboxes with too many letters or ask them to pay for a subscription. So, if you have not yet subscribed to our newsletter, please click the “Subscribe” button at the top. The only thing you need to do is to type in your email address.

Ransomware index report: October 2022


In October 2022:

  1. A total of 218 companies’ data were uploaded onto leak sites by ransomware groups.
  2. LockBit turned out to be the most active ransomware group, uploading 56 companies’ data onto their leak sites.
  3. Companies in the manufacturing industry were targeted the most by ransomware groups.


Newly discovered or changed data leak sites in October 2022

※ “Change” means that the leak site has changed its domain address.

Ransomware groups and activities in October 2022: Percentage of each ransomware group in companies that were uploaded onto the data leak sites

Top five countries by number of leak sites their data appeared on

Top five industries by number of leak sites their data appeared on

The next monthly ransomware index report will be published through the first newsletter in December.

[News] South Korean authorities discover hacking attempts abusing Halloween crowd surge

Designed by Areum Hwang, The Readable

South Korean authorities issued a series of warnings regarding hacking attempts that abused one of the country’s worst peacetime disasters, happening on the Halloween weekend in Seoul.

The Office of National Security warned in a press statement on Tuesday that they have detected an attempted cyberattack which was related to the Halloween crowd surge. The deadly surge in one of Iteawon’s narrow alleys led more than 150 people to their deaths.

According to the press release, the hacking attempts were carried out by a malicious document which was disguised as an official report by the Central Disaster and Safety Countermeasures Headquarters. To read the original reporting by Kuksung Nam, click here.


Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

Stay Ahead with The Readable's Cybersecurity Insights