VirusTotal Shares Data on Ransomware Activity


Attackers employed around 130 ransomware families in 2020 and the first half of 2021, with the GandCrab variant the most active, according to newly released data from VirusTotal’s first-ever ransomware report.
VirusTotal, which is part of Google, studied some 80 million ransomware samples that had been uploaded to the online malware scanning platform over the previous year and a half. Next in line for the most active ransomware families were Babuk, Cerber, Matsnu, Congur, Locky, Teslacrypt, Rkor, and Reveon, according to Google’s VirusTotal report findings.
Some 140 countries submitted samples, led by Israel and then South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the UK.
Ransomware attacks have become a big priority for the US government lately as many high-profile companies (think: Colonial Pipeline) and healthcare organizations have been hit and suffered major operational disruption. Most recently, the US Department of Justice (DoJ) launched the National Cryptocurrency Enforcement Team to crack down on the illegal use of cryptocurrency, the anonymous payment conduit of choice for ransomware operators. It also announced the Civil Cyber-Fraud Initiative to ensure government contractors disclose their cybersecurity protocols and cyberattacks in order to protect agencies from supply chain-related cyberattacks.
Ransomware-as-a-Service

“We noticed peaks of ransomware activity in the first two quarters of 2020, primarily as a result of the ransomware-as-a-service group GandCrab (although its prevalence decreased dramatically in the second half of the year),” said Vicente Diaz, threat intel strategist at Google’s VirusTotal, in a blog post. “Another sizable peak occurred in July 2021, driven by the Babuk ransomware family – a ransomware operation launched at the beginning of 2021 that was behind the attack on the Washington DC Metropolitan Police Department.”
Diaz noted that large ransomware campaigns come and go, but some 100 ransomware families constantly circulate in the wild. Attackers use botnets and remote access Trojans (RATs) to deliver ransomware, often with new samples of ransomware.