Rise in Encryptionless Ransomware Attacks
Summary
Hide ▲
Show ▼
Cybercriminals are increasingly shifting from traditional ransomware attacks involving encryption to extortion-only attacks that rely solely on data theft. This trend has seen a significant rise, with nearly 1500 incidents in 2025 compared to just 28 in 2024. These attacks exploit unpatched zero-day vulnerabilities and supply chain weaknesses, targeting organizations through methods like social engineering and voice phishing. The shift poses new challenges for enterprises, requiring them to enhance their security posture and focus on supply chain security.
Timeline
-
15.01.2026 17:45 1 articles · 4h ago
Significant Rise in Encryptionless Ransomware Attacks in 2025
In 2025, there was a notable increase in encryptionless ransomware attacks, with nearly 1500 incidents reported. These attacks rely on data theft alone for extortion, exploiting unpatched zero-day vulnerabilities and supply chain weaknesses. Prominent examples include campaigns by ShinyHunters and Scattered Spider, targeting organizations through social engineering and voice phishing.
Show sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45
Information Snippets
-
Traditional ransomware attacks remained stable with 4737 incidents in 2025, up 1% from 2024.
First reported: 15.01.2026 17:451 source, 1 articleShow sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45
-
Encryptionless attacks grew significantly, with nearly 1500 incidents in 2025 compared to 28 in 2024.
First reported: 15.01.2026 17:451 source, 1 articleShow sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45
-
ShinyHunters targeted Salesforce instances using social engineering and voice phishing to steal data and extort ransom payments.
First reported: 15.01.2026 17:451 source, 1 articleShow sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45
-
Scattered Spider also engaged in extortion-only attacks, though they still deployed traditional ransomware attacks.
First reported: 15.01.2026 17:451 source, 1 articleShow sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45
-
CVE-2025-61882, a vulnerability in Oracle E-Business Suites, was exploited in encryptionless extortion campaigns.
First reported: 15.01.2026 17:451 source, 1 articleShow sources
- Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion — www.infosecurity-magazine.com — 15.01.2026 17:45