Categories: Ransomware

New Ransomware Attacks Demand Cash From The Customers of Victims Too

Nowadays ransomware attacks are increasing rapidly, and the threat actors are demanding huge ransom in return. As cybercriminals are making their moves advanced by specializing in ransomware attacks and the newly uncovered attacks are demand ransom from the victim’s customers.

The ransomware attackers are using double extorsion methods to deploy the victim’s data that is being stolen. new attacks are using triple extortion methods with the motive of making more money from the victims through their all malicious activities.

Recently, cybersecurity experts have found an average of 1,000 entities that were attacked by ransomware attacks every week. 

After investigation, the experts pronounced that the attack rate has increased by 21% in the first trimester of 2021 and a 7% increase in April.

The FBI has recently asserted that they have found that the DarkSide hacker group is using the triplet extortion method for ransomware attack on the Colonial Pipeline network.

Apart from this, the Check Point research team has confirmed that DarkSide is using advanced methods in their ransomware attacks.

Top Ransomware Targets

As we said above that the attacks are increasing rapidly in a short period of time, as compared to the earlier report of 2020. And the Check Point research team has noted that nearly 1000 organizations were affected every week.

Among all the sectors, health cares sectors were attacked most among the sectors, as per the volume rate nearly 109 attacks occurred per organization every week.

However, in the ransomware attack on the Colonial Pipeline network, the utility sector has encountered nearly 59 attacks per organization per week. 

On the other side, the legal and insurance sectors have witnessed 34 attacks, and the North American organizations have encountered 29 attacks.

While Europe and Latin America have each encountered 14 attacks each week, but among them all, the Asia Pacific organizations have experienced the highest number of ransomware attacks with 51 per week.

Triple extortion

The triple extortion is recently being used by the attackers, and it started at the end of 2020. However, in this triple extortion method, the attackers send ransom demands also to the customer or any other third party who is lined with the stolen data apart from the attacked organization. 

The very first case of triple extortion is the Vastaamo clinic which is being attacked in October 2020. And here the threat actors have demanded a lump sum amount of ransomware from the clinic.

Moreover, the attackers have also emailed the patients directly and demanded a smaller sum of money from them and if they don’t cooperate with attackers then attackers would leak their therapist session details. 

Recommendations

The analysts of Check Point have affirmed some basic recommendation that is to be followed by the organizations to bypass such unwanted ransomware attacks and here they are mentioned below:-

Have a strict regular checkup on holidays as well as on weekends:-

  • Remember to update your patches timely.
  • Always prefer using anti-ransomware tools.
  • Give a full guide regarding the ransomware attacks to the users.
  • Try to scan your networks so that you can stop ransomware attacks before it starts.

Apart from these things, the Check Point research team is trying their best to overcome such attacks, with advanced methods to stop or mitigate these unwanted ransomware attacks.

So, until then the researchers have strongly recommended all the organizations to follow the recommendations that they have suggested.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability

Zohocorp, the company behind ManageEngine, has released a security update addressing a critical SQL injection…

18 hours ago

Citrix Virtual Apps & Desktops Zero-Day Vulnerability Exploited in the Wild

A critical new vulnerability has been discovered in Citrix’s Virtual Apps and Desktops solution, which…

18 hours ago

Sonatype Nexus Repository Manager Hit by RCE & XSS Vulnerability

Sonatype, the company behind the popular Nexus Repository Manager, has issued security advisories addressing two…

21 hours ago

GeoVision 0-Day Vulnerability Exploited in the Wild

Cybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices, which…

22 hours ago

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors…

4 days ago

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers…

4 days ago