Ransomware is one of the largest malware threats organizations face today. Time and again cybersecurity researchers have warned of new and rising malware that could pose massive security threats to organizations and businesses. Recently, cybersecurity researchers at Palo Alto Networks released a report on four ransomware groups to look out for. The researchers believe these groups are the next threat that organizations and businesses should be prepared for.
LockBit 2.0, earlier known as ABCD ransomware, has been recently making headlines in different parts of the world. Ransomware has been around since 2019 and with time it has gained popularity among cyber attackers. This new version is touted to be even more advanced and one of the fastest file-encrypting malware available on the internet today. LockBit 2.0 has hit several industries and its victims include organizations around the world, namely Australia, Italy, Argentina, the UK, Brazil, and Malaysia, among others. Recently, the IT giant Accenture confirmed being a victim of LockBit 2.0, although it was able to restore its data from back-ups without having to give in to the attacker's demands.
LockBit 2.0 isn’t the only ransomware that one should be aware of—Hive ransomware has recently started making the rounds, first starting operations in June 2021. It is a double-extortion ransomware that has infected 28 organizations since its inception, including three US-based organizations and a European airline company. The hackers behind the ransomware leverage stolen data and double extortion to force victims into paying the ransom.
Another new emerging threat is AvosLocker ransomware, which first came to light in July this year. AvosLocker is offered as a ransomware-as-a-service (RaaS) scheme that includes operators taking care of ransoms negotiation. This form of ransomware has attacked several organizations, including law firms in the United Kingdom and the United States. The group behind AvosLocker was observed promoting its RaaS program and looking for affiliates on dark web discussion platforms and other similar platforms. The initial ransom demands range from $50,000 to $75,000.
Another emerging ransomware in the market is Hello Kitty ransomware which first appeared in December of last year (2020). It is known to target Windows systems. However, in July cybersecurity researchers at Palo Alto tracked a Linux variant of the ransomware specifically targeting VMware’s ESXi hypervisor that is mostly used in cloud and on-premises data centers. The ransomware compromised five organizations across Germany, the US, Netherlands, Australia, and Italy. The cyberattackers behind this form of ransomware have demanded as much as $10 million from one victim in Monero but have received $1.48 million in three different transactions. The operators were also accepting ransom payments in Bitcoin.
The rise of these four ransomware groups goes to show that even as some successful ransomware gangs fade, fresh groups emerge to quietly take their place. Some older ransomware groups paved the way for these new emerging threats, giving them a successful model to sneak their way in to carry out operations. To help prevent organizations and businesses from these emerging threats, researchers recommend applying timely security patches along with applying multi-factor authentication to all users on the immediate network. Businesses should also regularly back up their data and preferably store their data offline.
For more news and updates, visit https://blog.excellimatrix.com/
You can also reach out to us on Facebook, & LinkedIn or Contact us directly