Hong Kong
HKRansomware victim intelligence profile ยท Ranked #31 globally ยท Updated: May 28, 2026
Ransomware Threat Profile: Hong Kong
Hong Kong ranks #31 globally for ransomware attacks, with 79 confirmed victims in this database โ representing 0.4% of the worldwide total. The most active ransomware groups targeting Hong Kong include Qilin, Nightspire, Dragonforce.
The most frequently targeted industries in Hong Kong are Financial Services, Manufacturing, Technology. The healthcare sector is particularly vulnerable because attacks on hospitals and medical providers can create life-threatening situations, increasing pressure to pay ransoms quickly.
Hong Kong's attack volume reflects broader trends in ransomware targeting: the volume of attacks reflects the country's integration into the global economy and the proliferation of ransomware operations that target organisations of all sizes worldwide.
Organisations in Hong Kong should consider the active threat groups documented here when assessing their cybersecurity posture, implementing detection rules, and prioritising incident response planning.
Recent Victims in Hong Kong (20 cached of 79 total)
| # | Organization | Group | Sector | Date |
|---|---|---|---|---|
| 1 | nacs.com.hk | Krybit | โ | May 19, 2026 |
| 2 | Value Exchange International | Thegentlemen | Financial Services | May 12, 2026 |
| 3 | Heng An Standard Life Insurance | Blacknevas | Financial Services | Apr 30, 2026 |
| 4 | Travel Expert | Qilin | Hospitality and Tourism | Apr 25, 2026 |
| 5 | Playmates Toys | Coinbasecartel | Consumer Services | Apr 20, 2026 |
| 6 | shunhinggroup.com | Lockbit5 | Manufacturing | Apr 14, 2026 |
| 7 | Frontier Financial Group | Gunra | Financial Services | Apr 8, 2026 |
| 8 | NeoDerm | Gunra | Healthcare | Apr 8, 2026 |
| 9 | Paid Victim CCD233FEE92FFA2D | Auditteam | โ | Apr 8, 2026 |
| 10 | CCCKeito.edu.hk | Krybit | Education | Apr 6, 2026 |
| 11 | GCA Professional | Thegentlemen | Business Services | Apr 4, 2026 |
| 12 | Golden GBC | Qilin | โ | Feb 27, 2026 |
| 13 | Shining Labels | Dragonforce | Manufacturing | Feb 13, 2026 |
| 14 | MEDIAWORLD.COM.HK | Clop | Technology | Feb 7, 2026 |
| 15 | Novetex Textiles | Thegentlemen | Manufacturing | Feb 6, 2026 |
| 16 | Handsome Manufacturing | Thegentlemen | Manufacturing | Jan 31, 2026 |
| 17 | sitoy.com | Abyss | Consumer Services | Jan 26, 2026 |
| 18 | CLEARWAYGROUP.COM | Clop | Business Services | Jan 25, 2026 |
| 19 | Yumark Enterprises | Qilin | โ | Jan 19, 2026 |
| 20 | Ju Teng International Holdings Ltd | Incransom | Manufacturing | Jan 13, 2026 |
Frequently Asked Questions
How many ransomware attacks have occurred in Hong Kong?
Hong Kong has recorded 79 ransomware victim disclosures in this database, ranking #31 globally. This represents 0.4% of all tracked ransomware attacks worldwide.
Which ransomware groups target Hong Kong?
The ransomware groups most active in Hong Kong are Qilin, Nightspire, Dragonforce, Clop. These groups collectively account for the majority of victim disclosures attributed to Hong Kong.
Which industries are most targeted by ransomware in Hong Kong?
In Hong Kong, the most frequently targeted sectors are Financial Services, Manufacturing, Technology. These industries hold valuable data and often have critical operational requirements that make them attractive ransomware targets.
How does Hong Kong rank globally for ransomware attacks?
Hong Kong ranks #31 globally for ransomware attacks with 79 victim disclosures, representing 0.4% of the worldwide total of 18,180 tracked victims.
How can organisations in Hong Kong protect against ransomware?
Organisations in Hong Kong should implement a layered security approach including regular offline backups, network segmentation, multi-factor authentication, endpoint detection and response (EDR) tools, and employee security awareness training. Monitoring threat intelligence feeds for active groups targeting Hong Kong is also recommended.