Security News > 2021 > August > Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc
Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more profitable in extracting payouts from victims.
"While the ransomware crisis appears poised to get worse before it gets better, the cast of cybercrime groups that cause the most damage is constantly changing," Palo Alto Networks' Unit 42 threat intelligence team said in a report shared with The Hacker News.
The development comes as ransomware attacks are getting bigger and more frequent, growing in size and severity, while also evolving beyond financial extortion to an urgent national security and safety concern that has threatened schools, hospitals, businesses, and governments across the world, prompting international authorities to formulate a series of actions against both operators of ransomware and the broader ecosystem of IT and money laundering infrastructure that's abused to siphon funds.
Last to join the list is LockBit 2.0, an established ransomware group that resurfaced in June with 2.0 version of their affiliate program touting its "Unparalleled benefits" of "Encryption speed and self-spread function." Not only do the developers claim it's "The fastest encryption software all over the world," the group offers a stealer named StealBit that enables the attackers to download victims' data.
Since its June 2021 debut, LockBit 2.0 has compromised 52 organizations in accounting, automotive, consulting, engineering, finance, high-tech, hospitality, insurance, law enforcement, legal services, manufacturing, non-profit energy, retail, transportation, and logistics industries spanning across Argentina, Australia, Austria, Belgium, Brazil, Germany, Italy, Malaysia, Mexico, Romania, Switzerland, the U.K., and the U.S. If anything, the emergence of new ransomware variants show that cybercriminals are doubling down on ransomware attacks, underscoring the extremely profitable nature of the crime.
"With major ransomware groups such as REvil and DarkSide lying low or rebranding to evade law enforcement heat and media attention, new groups will emerge to replace the ones that are no longer actively targeting victims," the researchers said.