"Ransomware Attacks Decline as Gangs Focus on Lucrative Targets"

Ransomware attacks fell by 50% in Q1 2021 as threat actors shifted from using mass spread campaigns to focusing on fewer, larger targets with unique samples, according to the McAfee Threats Report. The researchers stated that the traditional approach of using one form of ransomware to infect and extort payments from many victims is becoming less prominent, mainly because the targeted systems can recognize and block such attempts over time. Instead, the researchers see a trend towards fewer, customized Ransomware-as-a-Service (RaaS) campaigns tailored to larger, more lucrative organizations. The researchers found that the number of prominent ransomware family types declined from 19 in January 2021 to nine in March 2021. The most detected ransomware group in Q1 2021 was REvil, followed by RansomeXX, Ryuk, NetWalker, Thanos, MountLocker, WastedLocker, Conti, Maze, and Babuk strains. Another important finding from the report was that there was a 117% rise in the spread of cryptocurrency-generating coin mining malware, which McAfee said is a result of a spike in 64-bit CoinMiner applications. Unlike ransomware, in which victims’ systems are locked up and held hostage until a cryptocurrency payment is made, Coin Miner malware infects organizations’ systems and then silently produces cryptocurrency using those systems’ computing capacity. This tactic means criminals do not need to interact with the victim, who may be completely unaware they are under attack. In total, McAfee detected an average of 688 new malware threats per minute in Q1 of 2021, representing an increase of 40 threats per minute compared to Q4 of 2020.

Infosecurity reports: "Ransomware Attacks Decline as Gangs Focus on Lucrative Targets"