According to the most recent WatchGuard Internet Security Report, ransomware detections increased by 627% in the fourth quarter of last year. This underlines how concrete these threats are becoming.
Remaining constantly vigilant is essential to protect yourself effectively, and part of this vigilance is keeping tabs on the constantly evolving tactics and methods used in campaigns of this type. In this sense, security teams have identified three potential situations that constitute the most worrying trends in the sector.
The first concerns so-called pseudo-ransomware. This new threat experienced a real boom with the outbreak of the war between Russia and Ukraine.
This type of attack uses techniques typical of conventional ransomware, but simply deletes data, aiming to cause harm rather than to extort. Therefore, refined techniques such as encryption to make the files inaccessible are not used.
These campaigns are also called wipers, as they aim to erase as much information as possible. Among the many attacks that fall into this category, we can mention WhisperGate, PartyTicket (also known as HermeticRansom), Azov, Dreams and RU Ransom.
From pseudo-ransomware to double extortion: all the techniques of cybercriminals
The second trend keeping experts from sleeping peacefully is the propensity to use the Rust programming language to develop ransomware.
In fact, this is a so-called "multi-paradigm" language that offers high performance compared to the competition. The first known group to use Rust was ALPHV (also known as BlackCat or Noberus), before other groups followed suit. Meanwhile, other operations such as Agenda, Luna and Nokoyawa have used Rust or variations of this language.
Finally, there is the growing popularity of double extortion attacks. These involve a cybercriminal who encrypts a target's files and also steals a copy of them. The victim is then told that if the ransom demand is not met, those files will be released publicly.
Unfortunately, cases of double extortion are occurring at an ever-increasing rate. Some groups have threatened victims with DDoS (Distributed Denial of Service) attacks or have contacted their customers and clients to force payment.
In short, anyone who uses the internet, even occasionally, should always remain alert and protect themselves with adequate cyber defense tools.