- Aug 17, 2014
McAfee Labs released a report on the cyber-threat landscape during the first quarter of 2019. Researchers recorded a worrying 118% growth in new ransomware samples, along with innovative changes in the codes and tactics used to execute it.
While spear-phishing remained popular, the ransomware currently going through a resurgence increasingly targets exposed remote access points like Remote Desktop Protocol (RDP).
RDP credentials can be cracked through a brute-force attack or bought in the cyber-criminal underground and then used to gain admin privileges, granting full rights to distribute and execute malware on corporate networks.
McAfee researchers also observed actors behind ransomware attacks using anonymous email services to manage their campaigns rather than the traditional approach of setting up command-and-control (C&C) servers.
Despite a decline in volume and unique ransomware families in Q4 2018, Q1 2019 saw the detection of several new ransomware families using innovative techniques to target businesses. The most active ransomware families of the quarter were Dharma (a.k.a., Crysis), GandCrab and Ryuk.