Automated ransomware data exfiltration has passed 10% of all submitted ransomware files. This is a major shift from less than 1% just two quarters ago. As bad actors continue to be funded by ransom payments, their capabilities and strengths continue to rise.

ID Ransomware, a website where a ransom note and/or encrypted file can be uploaded, claims it has received over 100,000 submissions of crypto-malware in Q2. 11,642 of those attacks included automated data theft. Automated data theft proves to be even more dangerous than typical malware due to the data being held hostage in hopes for a payout, most ransomware actors will then dump the data if their demands are not met in a short period of time. These ransomware actors host websites on the dark web to display and show this data.

Various ransomware groups led these cyberattacks, including DopplePaymer, Maze, and Sodinokobi/REvil. SpearTip consistently monitors these blogs for leaked data as well as to fortify information around these groups.

Read the full article here.

Recognize your risk now. SpearTip’s cybersecurity engineers protect environments around-the-clock for peace of mind. Risk assessments and tabletop exercises are beneficial ways for you and your organization to understand your cybersecurity posture.

Our ShadowSpear® Platform is a solution in addition to our elite Team. Learn more about it here.

To learn more about ransomware and how to protect your environment, visit or email [email protected] to speak with a cybersecurity professional.

24/7 Breach Response: 833.997.7327