The number of companies paying ransomware attackers for decryption keys and delete stolen files has plummeted, and now represents just 23% of all victims, new research has claims.
In its report, Coveware said ransom payment rates across all impact scenarios – encryption, data exfiltration, and other extortion – fell to a “historical low” of 23% in Q3 2025. “ This continuation of the long-term downward trend is something all industry participants should take a moment to reflect on: that cyber extortion’s overall success rate is contracting,” the company said.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Taking SHELLTER: a commercial evasion framework abused in the wild
July 3, 2025
Elastic Security Labs is observing multiple campaigns that appear to be leveraging the commercial AV/EDR evasion framework, SHELLTER, to load malware. SHELLTER is marketed to the offensive security industry for sanctioned security evaluations, enabling red team operators to more effectively deploy their C2 frameworks against contemporary anti-malware solutions. SHELLTER, like many other offensive security tools (OSTs), is ...
- Mexican drug cartel hacked cameras and phones to spy on FBI and identify witnesses
July 3, 2025
The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau’s defenses against this kind of surveillance are still inadequate. The findings came to light in a June ...
- Ransomware crew Hunters International shuts down, hands out keys to victims
July 3, 2025
Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor. Announcing the news on Thursday morning, the gang deleted all victim data from its dark web leak site and issued a statement confirming its closure. “We, at Hunters International, wish to inform you of a significant decision regarding ...
- FBI: Fraudsters Target US Stock Investors through Investment Clubs Accessed on Social Media and Messaging Applications
July 3, 2025
The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or messages promoting an “investment club” of fellow investors, some of which may be bots or ...
- macOS NimDoor, DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware
July 2, 2025
In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group. Several reports on social media at the time described similar incidents at other Web3 and Crypto organizations. Analysis revealed an attack chain consisting of an eclectic mix of scripts and binaries written in AppleScript, C++ ...
- Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
July 2, 2025
A security vulnerability in a stealthy Android spyware operation called Catwatchful has exposed thousands of its customers, including its administrator. The bug, which was discovered by security researcher Eric Daigle, spilled the spyware app’s full database of email addresses and plaintext passwords that Catwatchful customers use to access the data stolen from the phones of their ...