Security News > 2021 > June > 3 things you might not know about modern ransomware and how Nefilim makes money
Ransomware attacks are now a team effort that include professional pen testers with malicious intent, access-as-a-service brokers and the ransomware owners who do the negotiation.
The company's new report, "Modern Ransomware's Double Extortion Tactics and How to Protect Enterprises Against Them," explains the modern ransomware attack and Nefilim, a type of malware that illustrates this evolution.
Trend Micro researchers found that modern ransomware attacks are not a job for one hacker group alone; collaboration is the new trend.
"....the smaller cut goes to the group that provides the ransomware and negotiates with a victim while the majority of the profit goes to the group that handles network access and implements the active phase of the attack. Most of the profits go to the affiliate actor responsible for obtaining network access and deploying the ransomware payload.".
Attackers first establish a foothold in the network, then identify the most valuable data and then trigger the ransomware payload. Trend Micro first identified Nefilim in March 2020.
Nefilim has attacked companies in North and South America, Europe, Asia and Oceania, according to Trend Micro's research, and appears to target multibillion-dollar companies more often than other ransomware groups.