These were the nastiest malware strains of 2023 - so stay on your guard


This year’s Nastiest Malware report from OpenText Cybersecurity, which lists the biggest threats for the past year, is out, and the overarching theme this year is rebranding.

After analyzing the threat landscape to determine the most notorious malware trends, the company's experts found that the biggest threats these days come from ransomware players, and more specifically from ransomware-as-a-service (RaaS) players.

“A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities,” said Muhi Majzoub, EVP and Chief Product Officer, OpenText. “There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.”



Cl0p, BlackCat, and others

These days, the biggest players out there are rebrands of former biggest players. The first name on the list is Cl0p, primarily because of the havoc it wreaked with the MOVEit managed file transfer attack.

Through MOVEit, Cl0p compromised data on thousands of firms, which propelled it to the very top of the list. The second name on the list is BlackCat, which OpenText believes is the successor of the REvil ransomware group. BlackCat built its RaaS platform in Rust, and gained notoriety after breaching MGM Casino Resorts. 

The top three are rounded off by Akira, believed to be the heir to Conti (which fell apart approximately at the start of the Russo-Ukrainian conflict). Akira targets SMBs because it’s easier and these firms respond more quickly, the researchers said. Akira was responsible for the attack on Cisco’s VPN products. Other notable mentions include Royal (a successor to Ryuk), as well as LockBit 3.0 and Black Basta, which are currently the only two names on this list that haven’t rebranded.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
