By employing a multitude of advanced techniques like double extortion along with other illicit tactics, ransomware groups are continually evolving at a rapid pace.
Here below, we have mentioned all the types of ransomware used by the threat actors for their illicit goals and purposes:-.
Two types of ransomware are very popular and used widely by threat actors are:-.
LockBit, a notorious ransomware group, emerged in September 2019, employing a global ransomware-as-a-service model.
BlackCat/AlphV, a suspected successor to dissolved ransomware groups, operates in Rust to avoid detection and successfully encrypt victims' files, and this ransomware group targeted:-.
ALPHV/BlackCat is the first Rust-written ransomware, requiring a specific access token and featuring encrypted configurations, including:-.
The Clop ransomware emerged in 2019 and used a collaborative ransomware-as-a-service model with sophisticated social engineering tactics.
The operators of Clop employ double extortion tactics, which is why they threaten their victims to expose or sell their sensitive data along with high cryptocurrency demands, which shows the sharp shift from typical ransomware trends.
Royal Ransomware emerged in 2022 as a sophisticated threat, ranking among the year's most terrifying campaigns.
Unlike typical ransomware, Dev-0569, a private group, directly purchases network access and utilizes double extortion tactics, which distinguishes it from other cybercrime operations.
Black Basta ransomware surfaced in February 2022 with a multitude of unique traits.
Since Dec 2019, the Ragnar Locker ransomware and its operators have targeted global infrastructure, hitting the following entities:-.
Operating on Windows by exploiting Remote Desktop Protocol, the group demanded huge payments using a double extortion strategy.
While Ragnar Locker ransomware is considered one of the most dangerous, as it has a high threat level due to critical infrastructure attacks.
Vice Society is a Russian-speaking hacking group that emerged in 2021.
This threat group specializes in ransomware attacks on the following sectors:-.
Everest has been active since Dec 2020, and it has transitioned from data exfiltration to ransomware and now focuses on Initial Access Broker services.
This notorious group is known for hitting AT&T and South American government entities, and besides this, it's been linked to the following ransomware:-.
Uncommonly, the group acts as an Initial Access Broker, a shift from direct ransomware attacks, which is a rare move in the cybercriminal landscape.
BianLian ransomware first emerged in June 2022 and is written in the Go language.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 02 Jan 2024 08:56:28 +0000