Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

The Play ransomware group has impacted around 300 entities as of October 2023, according to joint cybersecurity advisory from Australia and the U.S. Play ransomware employs a double-extortion model, encrypting systems after stealing data and affecting both domestic and international businesses. Threat actors are increasingly exploiting vulnerabilities and moving away from using phishing emails to infect systems. The Play ransomware has transformed into a ransomware-as-a-service (RaaS) operation and uses both public and bespoke tools for attacks.