Dark Angels Named Top Ransomware Threat in 2024
Cybersecurity experts have identified a Russia-based syndicate, Dark Angels, as the top ransomware threat for 2024. The group, active since 2021, operates differently from others, avoiding attention and favouring mass data theft over disruption. In April 2023, Dark Angels launched a victim shaming site, Dunghill Leak, with a poorly designed brand.
Dark Angels made headlines in February 2024 when a Fortune 50 company paid a record $75 million ransom, as per Zscaler ThreatLabz. Bleeping Computer suggested that the pharmaceutical giant Cencora (formerly AmeriSourceBergen Corporation) was the victim. Cencora's 1st quarter report for 2024 confirms a $30 million cost linked to a data exfiltration event during the same period.
Sophos reports that average ransomware payments have increased fivefold in the past year. Organizations fund 40% of these payments, with insurance providers covering another 23%. The City of Tulsa, Oklahoma, set the previous record in 2021 with a $75 million payment after a ransomware attack.
Dark Angels' unique operating model and preference for mass data theft over disruption make it a significant threat. Despite its low profile, the group has successfully targeted major companies across various sectors. As ransomware payments continue to rise, organizations must enhance their cybersecurity measures to protect against such threats.
