Sending malware to systems and demanding a ransom is not a new activity for hackers. However, ransomware varieties have grown increasingly advanced in their ability to evade detection, encrypt files, and demand that users pay a ransom for their data. It is one of the prominent cybersecurity threats to SMBs, enterprises, and individuals these days. In this article at Security Boulevard, Pallavi Dutta lists the top 5 dangerous ransomware attacks you must be aware of.
Top 5 Scariest Ransomware Attacks
MAZE is a sophisticated strain of Windows ransomware that has hit many organizations across the globe. The attackers demand that victims make cryptocurrency payments in exchange for the safe recovery of encrypted data. What makes MAZE such a significant threat to organizations is that the criminals maintain a public-facing website where they post data stolen from victims who refuse to pay an extortion fee.
REvil ransomware is a file-blocking virus, considered a severe threat, that encrypts files after infection and sends ransom request messages. The messages demand that the victim pay a ransom in bitcoins. If the victim does not pay the ransom in time, the demand doubles.
Unlike common ransomware, Ryuk is used exclusively for tailored attacks. Its encryption scheme is built for small-scale operations so that only crucial assets and resources get infected. “Ryuk ransomware mainly targets business giants and government agencies that can pay huge ransoms in return. It recently targeted a US-based Fortune 500 company, EMCOR, and took down some of its IT systems,” says Pallavi.
Tycoon's operators manually deploy a ZIP archive containing a trojanized version of the Java Runtime Environment build after they infiltrate the victim's network. The attackers use vulnerable, Internet-exposed RDP servers as a stepping stone. This ransomware uses several techniques that help it stay hidden. Tycoon takes advantage of weak or compromised passwords to exploit servers.
NetWalker, also known as Mailto, targets remote workers, enterprises, government agencies, and healthcare organizations. The attackers compromise the victim's network and encrypt all the Windows devices connected to it. When executed, it uses an embedded configuration that includes the ransom note and file names.
To read the original article, click on https://securityboulevard.com/2020/09/top-5-ransomware-attacks-to-watch-out-for-in-2020-2021/.