In 2023, ransomware attacks have become more widespread and feared than ever before.
A research conducted by Visa Inc. found that March this year saw the highest number of cyberattacks yet, with a rise in ransomware 91% compared to February and 62% from March 2022.
There are mainly two factors that make these campaigns so fearsome. First of all, there is the growing use of ransomware gangs’ services Artificial intelligence come ChatGPT (or its “evil twin” known as FraudGPT) to mass produce highly personalized and credible emails, therefore ideal for phishing.
Second, the proliferation of do-da-te ransomware kit highly professional, often accompanied by technical telephone support, represents an opportunity for novice hackers. These two factors are generating a new generation of cybercriminal gangs, capable of joining the already established gangs.
A clear example, in this sense, is Rhysida, a new group Ransomware-as-a-Service (RaaS) emerged in May 2023 Rhysida works as a cryptographic ransomware application Windows Portable Executable (PE) a 64 bit distributed via phishing attacks or by dropping payloads on compromised systems after distributing Cobalt Strike or similar command and control frameworks. Once deployed, Rhysida encrypts your files and demands payment bitcoin via a portal based on TOR.
Novice hackers and ransomware: the reason for the recent boom
It should also be considered that not all threat actors populating today’s ransomware landscape belong to a highly organized group, nor do they all represent the same threat.
This dynamic was brought to light when the relatively inexperienced creators of the malware Titan Stealer, an information theft first documented in November 2022, have sought to emulate the success of industry leaders. On Telegramthe creators touted Titan’s ability to steal credentials from crypto wallets, data from the browser and not only.
Titan also came bundled with a web panel to facilitate access to stolen data, should users wish to release it, at a very competitive price of 150 dollars for a basic monthly subscription or $1,000 for a premium package.
But this is not the only RaaS potentially within the reach of the most inexperienced hackers. Raccoon Stealerfor example, has a price of $75 a week o 200 per month. Regardless of the malicious tool, therefore, there is talk of a low financial barrier to entry for aspiring cybercriminals with even rudimentary hacking skills.
All this, however, also has a downside. In fact, the many RaaS services also offer points of reference for security experts. Simply purchase a kit to be able to analyze and simulate attacks to study their behavior in depth.
For ordinary users, the recommendations always remain the same. A high level of attentionthe maintenance of one’s own updated software and a good one antivirus they can be of great help in combating the ransomware phenomenon.
