Ransomware gangs adopt new techniques to avoid detection

Last year ransomware was flourishing, this year it’s in full bloom

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

DespiteREviland some of the other most notoriousransomware gangsbeing shut down this year, the cybercriminals behind them have continued to develop and succeed with new cross-platform capabilities, updated business processes and more.

Over the past few years,ransomwareoperations have grown from their clandestine and amateur beginnings to become fully-fledged businesses with distinctive brands and styles that rival each other on thedark web. To raise awareness in advance of Anti-Ransomware Day, the cybersecurity firmKasperskyhas released a new report highlighting some of the new ransomware trends spotted so far this year.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

The first trend of note is the abundant use of cross-platform capabilities by ransomware groups which allow them to damage as many systems as possible using the samemalwareby writing code that can be executed on multiple systems at once.Contihas been one of the most active groups this year and it developed a variant of its ransomware that can be distributed through select affiliates and targets devices runningLinux distrosas well as Windows machines.

At the same time, ransomware groups have continued activities to facilitate their business processes. These activities include rebranding to divert the attention of law enforcement as well as updating exfiltration tools. Meanwhile some groups have developed and implemented their own custom and complete toolkits which resemble those put out by legitimate software companies. TheLockbitransomware group stands out for this as the organization provides regular updates for its toolkits and often applies repairs to its infrastructure.

Taking sides

Taking sides

Ever since Russia’sinvasion of neighboring Ukrainebegan on February 24, it has led businesses, governments and individuals to take sides regarding the conflict.

According to Kaspersky though, this was also the case oncybercrime forumsand with ransomware groups who began taking sides. As a result, there were a number of politically motivated attacks during Q1 of this year which cybercriminals carried out either in support of Russia or Ukraine.

REvil ransomware group is back with a vengeance>Microsoft wants to try and kill off ransomware for good>IT workers believe ransomware is as serious as terrorism

One of the new malware strains that was discovered during the conflict is named Freeud and it was developed by Ukraine supporters. Instead of encrypting the systems of its targets, Freud features wiping functionality and if a target contains any items from a list of files, the malware wipes them from a victim’s system.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Senior security researcher at Kaspersky’s global research and analysis team, Dmitry Galov provided further insight on the company’sNew Ransomware Trends in 2022report in apress release, saying:

“If last year we said ransomware is flourishing, this year it’s in full bloom. Although major ransomware groups from last year were forced to quit, new actors have popped up with never before seen techniques. Nevertheless, as ransomware threats evolve and expand, both technologically and geographically, they become more predictable, which helps us to better detect and defend against them."

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

I’m a Nintendo Switch expert, here are the five best early Black Friday deals right now