Attackers used around 130 ransomware families in 2020 and the first half of 2021, with the GandCrab variant the most active, according to newly released data from VirusTotal’s first-ever ransomware report.
VirusTotal, which is part of Google, studied some 80 million ransomware samples that had been uploaded to the online malware scanning platform over the past year-and-a-half. Next in line for the most active ransomware families were Babuk, Cerber, Matsnu, Congur, Locky, Teslacrypt, Rkor, and Reveon, according to Google’s VirusTotal report findings.
Some 140 countries submitted samples, led by Israel and then South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the UK.
Ransomware attacks have become a big priority in the US government lately as many high-profile companies (think: Colonial Pipeline) and healthcare organizations have been hit and suffered major operational disruption. Most recently, the US Department of Justice (DoJ) launched the National Cryptocurrency Enforcement Team to crack down on the illegal use of cryptocurrency, the anonymous payment conduit of choice by ransomware operators. It also announced the Civil Cyber-Fraud Initiative to ensure government contractors disclose their cybersecurity protocols and cyberattacks in order to protect agencies from supply chain-related cyberattacks.
“We saw peaks of ransomware activity in the first two quarters of 2020, primarily due to the ransomware-as-a-service group GandCrab (though its prevalence decreased dramatically in the second half of the year),” said Vicente Diaz, threat intel strategist at Google’s VirusTotal, in a blog post. “Another sizable peak occurred in July 2021, driven by the Babuk ransomware family – a ransomware operation launched at the beginning of 2021 that was behind the attack on the Washington DC Metropolitan Police Department.”
Diaz noted that large ransomware campaigns come and go, but some 100 ransomware families constantly circulate in the wild. Attackers use botnets and remote access Trojans (RATs) to deliver ransomware, often with new samples of ransomware.