Ransomware attack has stood as a top malware threat in 2018 and is predicted to dominate as same in 2019. According to a study made by security researchers over 1,100 different ransomware infections are found to be preying on innocent web users in the current cyber landscape.
Ā
So, Cybersecurity Insiders brings to you a list of the most popular ransomware attacks of last year which might probably target most of the online users in this year as well.
Bad Rabbit– It’s one of the most popular ransomware attacks which have infected enterprises operating in Russia and Europe so far. It is basically in disguise as an adobe flash installer which drives by download on compromised websites. Hackers are seen using the said malware by injecting it into a Webpage in the form of a javascript. And once a victim clicks on the malicious installer, his/her PC or entire database locks down. Usually, those spreading this ransomware are found demanding $280 in Bitcoin and offer a 40-hour deadline for payments to make. Currently, a decryption key for this ransomware is not available.
Cerber– This ransomware variant is available on the dark web as ransomware as a service(RaaS) and demands 40% of profit share from those who are distributing it. It mainly targets Office 365 users via a phishing campaign and has so far infected millions of computers on a global note. Cerber is spread when an infected Microsoft Word document is sent as an attachment via email and when a user clicks on an infectious link. Presently, no free decryption key is available for this malware variant.
LockerGoga– This ransomware variant is seen mainly circulating on networks associated with manufacturing and industrial sectors and Altran & Norsk Hydro are few of the noted victims. The highlight of this ransomware is that it not only locks down a database but also wipes the encrypted data if the victim fails to follow the instructions. However, the good news is that all noted anti-malware solutions can detect this malware in time.
Ryuk- This is a ransomware variant which is seen spreading since Aug 2018 and the developers of this malware are reported to have gathered over $4.31 million in BTC from over 83 payments. RYUK ransomware spreaders mainly target only those companies which are large when it comes to yearly turnover and headcount. Ryuk encrypts its victim files with a robust military algorithm such as a āRSA4096ā and āAES-256ā and demands a ransom ranging between 15 to 50 bitcoins. A report published in Reuters says that the authors of the RYUK ransomware are based in Russia and a free decryption key is yet to be devised.
SamSam- This ransomware strain has so far targeted critical infrastructure of hospitals, healthcare, city municipalities, and industrial sector. Hackers are seen spreading this malware using Remote Desktop Protocol which goes undetected mostly. A cybersecurity firm from the UK says that the hacking groups involved in spreading SamSam Ransomware have succeeded in garnering over $6 million in ransom payments- demanding a minimum of $50,000 in BTC and causing over $60 million loss to victims.
