REvil alone accounted for a significant portion of ransomware attacks in Q2 2021.

In short: McAfee’s latest digital security report cites some dramatic numbers when it comes to ransomware attacks. The computer security provider details several issues. What is striking, however, is how serious ransomware attacks are against one specific group and one type of target.

Computer security company McAfee recently published October 2021 In-Depth Threat Research Report. One of the topics it covers is statistics on ransomware attacks detected by the company in the second quarter of this year. In terms of the number of detections, the top ten ransomware groups included RansomeXX, Ryuk, Netwalker, Thanos, MountLocker, WastedLocker, Exorcist, Conti, Maze and, at the head, REvil.

In the summer, REvil hit the IT management platform Kaseya and, through it, many other companies, demanding $ 70 million for a decryption key to unlock victims’ files. McAfee numbers show that REvil, using the Sodinokibi ransomware payload, was responsible for 73% of the ransomware detections of the top 10 groups in Q2 2021. According to the McAfee report, governments were the most popular targets, followed by telecommunications, energy and the media. …

In the end, security groups provided free decryption keys to the public to unlock systems affected by past REvil attacks. However, it turned out that the FBI could have facilitated the release of the keys earlier than it wished. After the temporary disappearance of REvil recreated and resumed ransomware attacks. REvil also leases its ransomware to other groups looking to carry out attacks, but it looks like they also used backdoors in their software to steal the ransom paid to their customers.

Source link

Leave a Reply

Your email address will not be published.

Back to top button