Cyber Blog

Zscaler has revealed one of the largest known ransomware payments—$75 million—made to the Dark Angels group. Discovered by Zscaler’s ThreatLabz, this payment was part of the company’s annual ransomware report, covering April 2023 to April 2024. The identity of the company that paid the ransom remains undisclosed.

Dark Angels operates differently from most ransomware groups, launching their own attacks on select large companies rather than outsourcing to affiliates. They aim to avoid business disruptions to minimize attention from law enforcement.

Zscaler’s report highlights Dark Angels’ strategy of targeting a small number of high-value companies, predicting that other ransomware groups may adopt similar tactics. The report also noted a 17.8% increase in ransomware attacks and a 57.8% rise in companies being extorted on data leak sites.

Chris Morales, CISO at Netenrich, attributes the growth in ransomware to expanded attack surfaces from remote work, sophisticated attacks involving data theft, and the rise of ransomware-as-a-service. The manufacturing, healthcare, and technology sectors were most targeted, with manufacturing leading the way.

Zscaler’s Chief Security Officer Deepen Desai emphasized the importance of adopting zero-trust architectures to strengthen defenses against ransomware. While zero trust can reduce risks, experts caution it is not a foolproof solution, as attacks can still occur through various vectors, such as personal devices and IoT.