Ransomware Variants are on the Rise
Table of Contents
- By David Lukic
- Published: Dec 27, 2021
- Last Updated: Mar 18, 2022
Ransomware hackers are rapidly progressing. The digital thieves have advanced their attacks to include even more complex tactics for deploying malware on targeted systems. Though law enforcement has stepped up to the challenge of ransomware, digital security specialists cannot keep pace with the evolution of this file-encrypting malware.
How are Ransomware Attackers Evading Digital Security Protections?
Most people have heard of Software-as-a-Service, commonly referred to with the acronym of SaaS. However, not everyone has heard about Ransomware-as-a-Service, or RaaS for short. RaaS groups are seizing the opportunity to take advantage of vulnerable computers and networks. Access to these compromised computers and networks is sometimes sold to third parties.
The RaaS groups responsible for most ransomware attacks today are quite different from those that were highly active merely a couple of months ago. Researchers with Intel 471 made it clear that ransomware attacks are increasing in frequency despite expanding the malware’s variants.
Ransomware hackers invest a considerable amount of time and effort in altering their techniques. The hard work has paid off. Ransomware hackers are successfully sidestepping law enforcement digital defenses. Government agencies across the globe have implemented sweeping operations that have proven somewhat effective. The ransomware community has pivoted with strategic alterations of its own. Ransomware hackers are ever-morphing, reappearing in the form of new variants such as REvil, Egregor, Avaddon, and BlackMatter.
What are the new Ransomware Variants?
According to Intel 471, more than 600 ransomware attacks were levied this summer. These attacks are attributable to nearly 40 unique variants. About 60% of the ransomware infections were linked to four variants. LockBit 2.0 is especially destructive, levying one-third of all attacks. The Conti variant is responsible for slightly more than 15% of attacks. The Hive and BlackMatter variants are responsible for about 6% of the attacks. Most of the latest ransomware attacks have zeroed in on businesses in the real estate, consulting, professional services, and industrial products sectors.
Why are Digital Security Professionals Worried About Avos Locker?
The Avos Locker hacking cartel has digital security specialists concerned for a good reason. This group of hackers has ramped up its digital attacks in recent months. The group is implementing new tactics to obtain financial compensation after seizing control of computers and networks.
The Avos Locker collective can disable endpoint security products on targeted systems, then booting to Windows Safe Mode to implement the ransomware. The group also installs a nasty AnyDesk remote administration tool to obtain access to the targeted computer while operating in Safe Mode. This approach is quite creative and effective as it ensures the ransomware is likely to operate in Safe Mode and empower attackers to access the targeted machine remotely.
What are the Other Latest Ransomware Variants of Note?
Everest, a ransomware collective based in Russia, uses ransomware to obtain access to valuable systems then sell that access to others on the black market. Though Everest provides targets with the opportunity to meet its demands, the threat of selling access to the compromised system still looms.
Hive’s RaaS is particularly harsh. This program implements pressure tactics to force targets to pony up ransom payments. Hive’s RaaS attacks have affected 350+ businesses as of late October. Hive’s RaaS attacks started in June.
