One compromise, a thousand victims: why ransomware is turning to supply chain attacks


With an extortion toll running to tens of billions of dollars, few experts would dispute that ransomware is the most consequential cybercrime business model yet devised.

But even the most successful business doesn’t stand still, which is why it shouldn’t surprise us that ransomware has recently started evolving in ways that signal an important shift.

The context is that ransomware is under pressure. The biggest factor is a series of police takedowns of major ransomware groups, principally Conti (2022), Hive (2023), LockBit (2024), and the Scattered Lapsus$ Hunters alliance (2025), which have caused the sector to fragment.

Police action is effective, not so much because it deprives groups of infrastructure (which can be resurrected) but because it undermines credibility and trustworthiness. If there’s a chance that the police are monitoring a dark web market or affiliate platform, who would do business with any group using it?

Inevitably, this has caused retrenchment, not helped by a growing reluctance by victims to pay ransoms to recover stolen data. Undoubtedly, there’s still a lot of ransomware about. It’s just that not as many of these campaigns are leading to payoffs.

But criminals aren’t going to give up that easily. If ransomware has proved anything, it’s that there are a lot of companies out there running vulnerable systems. The field of potential targets is still rich.

Supply chain shift

In their hour of need, it now looks as if ransomware criminals are turning to a new and potent concept – the supply chain attack. Supply chain attacks aren’t a new worry, but evidence is mounting that ransomware actors have worked out how they could be used to scale extortion campaigns. 

An example arrived with the February 2026 supply chain compromises of the Trivy and KICS open-source security tools, and the LiteLLM AI gateway, by a new threat group called TeamPCP.

Aqua Security’s Trivy, in particular, has become a popular open-source tool for scanning cloud systems for security vulnerabilities. Unfortunately, by compromising the tool’s GitHub Actions and Python Package Index (PyPI) updating mechanism, TeamPCP quietly turned it into a gaping vulnerability of its own.
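The two delivery channels named above, GitHub Actions and PyPI, share one defensive check: consume only what you have pinned by content. The script below is an added example, not code from the article or from the Trivy project; it audits a constructed workflow file for actions referenced by tag or branch rather than a full commit SHA, and a constructed requirements file for packages installed without a `--hash=` digest. The action names, package names and digest are placeholders, not real projects or real hashes.

```python
import re

# Constructed sample workflow (placeholder action names, not real projects).
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout@v4
      - uses: example-org/scanner-action@main
      - uses: example-org/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
"""

# Constructed sample requirements (placeholder package; digest is not a real hash).
SAMPLE_REQUIREMENTS = """\
example-tool==1.0.0
example-lib==2.0.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^@\s]+)@(\S+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def unpinned_actions(workflow_yaml: str) -> list[str]:
    """Return 'owner/repo@ref' for each step whose ref is a tag or branch, not a commit SHA.

    A tag or branch can be moved by whoever controls the repository, so a
    compromised upstream flows straight into every workflow that uses it.
    """
    return [f"{name}@{ref}" for name, ref in USES_RE.findall(workflow_yaml)
            if not FULL_SHA_RE.match(ref)]


def unhashed_requirements(requirements_txt: str) -> list[str]:
    """Return package specs that carry no --hash= option.

    With pip's --require-hashes mode, a republished artifact whose digest does not
    match the pinned one is rejected instead of installed.
    """
    # Fold backslash continuations so a spec and its hash options form one logical line.
    text = re.sub(r"\\\n\s*", " ", requirements_txt)
    missing = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if "--hash=" not in line:
            missing.append(line.split()[0])
    return missing
```

Run the two functions over a repository's `.github/workflows/*.yml` and `requirements.txt`; anything they return is a dependency that an upstream compromise could swap out silently.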

Google subsidiary Mandiant estimates that at least 1,000 SaaS organizations using the tool downloaded a malware-infected version, almost certainly an underestimate given the tool’s large user base. 

One victim, the EU’s Europa.eu platform, said it lost 350GB of data from “42 internal clients of the European Commission, and at least 29 other Union entities.” That’s in addition to critical data such as SSH keys, cloud access tokens, and cryptocurrency wallets stolen from victims more widely.

Within days, data stolen in the attack turned up on the dark web site of the ransomware collective ShinyHunters, an indication that a wave of extortion demands won’t be far off.

Supply chain attacks are a huge boost for ransomware: through a single hack, it becomes possible to victimize thousands of companies at once. And the more companies that are involved, the greater the chance of finding at least one willing to pay the extortion demand.

This suggests bigger changes are afoot. The fact that the group that executed the Trivy compromise, TeamPCP, isn’t solely a ransomware actor implies that the ecosystem around this type of threat is changing.

In the new world, ransomware is part of a deeper criminal ecosystem in which ransomware actors (or ‘brands’) are just one element alongside initial access brokers and ransomware-as-a-service platforms. The original ransomware actors have now become technical enablers, leaving smaller and less expert groups to do the hard work for them.

What does this mean for enterprises? Perhaps fewer attacks, but more serious ones that happen away from their own infrastructure. The era of supply chain ransomware might not last long, but it won’t be fun.
