Play, Qilin, Medusa, and LockBit — which was the dominant ransomware operation in 2022 and 2023 before being subjected to law enforcement crackdowns this year — completed the top five, according to an analysis from Check Point. Operating as a ransomware-as-a-service was noted by researchers to have been beneficial to RansomHub, whose remote encryption attacks mostly targeted the U.S.

Source: SC Magazine