As interconnectivity turns the world into a global village, cyberattacks are, as expected, on the rise. According to reports, the tail end of last year saw a spike in the average payment made to ransomware attackers, as several organizations were forced to pay millions of dollars to have their files released.
Apart from the fact that the current pandemic has left many individuals and corporations vulnerable to attacks, the notion that cryptocurrencies are an anonymous and untraceable payment method has led many ransomware attackers to demand payment in Bitcoin (BTC) and other altcoins.
Just recently, a report published on June 23 by cybersecurity firm Fox-IT revealed a malware group named Evil Corp that has been on a rampage with new ransomware that demands that its victims pay a million dollars in Bitcoin.
The report also reveals that groups such as Evil Corp create ransomware that targets database services, cloud environments and file servers with the intent of disabling or disrupting the backup applications of a company’s infrastructure. On June 28, cybersecurity firm Symantec reported blocking a ransomware attack by Evil Corp that targeted about 30 United States firms, demanding payment in Bitcoin.
These attempted attacks are just the most recent examples of the escalating threat of ransomware attacks. Below are some of the most malicious ransomware demanding payment in crypto.
WastedLocker is the latest ransomware created by Evil Corp, a group that has been active since 2007 and is regarded as one of the most lethal cybercrime teams. After the indictment of two alleged members of the group, Igor Turashev and Maksim Yakubets, in connection with the Bugat/Dridex and Zeus banking trojans, Evil Corp reportedly reduced its activity.
However, researchers now believe that as of May 2020, the group has resumed attacks, with the WastedLocker malware as its latest creation. The malware has been named “WastedLocker” due to the filename created by the malware, which adds an abbreviation of the victim’s name to the word “wasted.”
By disabling and disrupting backup applications, database services and cloud environments, WastedLocker prevents its victims from recovering their files for a longer period of time, even if there is an offline backup setup. In cases where a company lacks offline backup systems, recovery can be prevented indefinitely.
Researchers, however, note that unlike other ransomware operators that leak victims’ information, Evil Corp, in order to avoid attracting public attention to itself, has not threatened to publish victims’ information.
DoppelPaymer is ransomware designed to encrypt its target’s files, preventing the victim from accessing them and subsequently encouraging the victim to pay a ransom to decrypt them. Used by an eCrime group called INDRIK SPIDER, the DoppelPaymer malware is a form of BitPaymer ransomware and was first discovered in 2019 by…