Ransomware is probably the type of cybercrime that has made headlines the most in 2021, and 2022 seems to follow that trend. Yet it is still evolving, and new ransomware seems more adaptive, resilient and more industrialized. According to Kaspersky in a new
report, cybercriminals continue to use ransomware to threaten nationwide retailers and enterprises, as old malware variants come back while new ones develop.
A careful technological and geopolitical analysis from late 2021 and 2022 brings Kaspersky to list a few new trends in ransomware.
Ransomware try to be as adaptive as possible
Big Game Hunting
The
Big Game Hunting (BGH) model has made it so that ransomware threat actors have been penetrating more and more complex environments. As a consequence, those threat actors need to deal with a variety of very different hardware and operating systems, and therefore need to be able to run their malicious code on different combinations of architectures and operating systems.
To achieve that goal, some ransomware developers chose to write their code in cross-platform programming languages like Rust or Golang. On an interesting sidenote, Kaspersky mentions that such cross-platform code is also more difficult to analyze for defenders than code written in plain C programming language, for example.
Conti
Conti threat actor affiliates make use of different ransomware versions. A few affiliates of Conti have access to a variant of the malware that is
hitting ESXi systems with a Linux variant.
...
...
