Four most dangerous and destructive ransomware groups of 2022

Share post:

With ransomware attacks becoming one of the most dangerous cyber threats in the world, Tech Republic has identified four of the most dangerous and destructive ransomware groups of 2022.

ALPHV, also known as BlackCat, is at the top of the list. It specializes in ransomware-as-a-service, where it delivers the malware and infrastructure to partners who then carry out the actual attacks. ALPHV is allegedly associated with the BlackMatter/DarkSide group, which was responsible for the infamous ransomware attack on the Colonial Pipeline in 2021.

The second, Black Basta, is a Ransomware-as-a-Service (RaaS) group consisting of former Conti and REvil ransomware gang members with whom it shares tactics, techniques and procedures. It increasingly infiltrates organizations by exploiting unpatched security flaws and publicly available source code. It also frequently employs double extortion tactics and threatens to disclose the stolen data publicly if the ransom is not paid. DDoS attacks are also used by the group to induce their victims to pay the ransom.

Hive, the third focuses on the industrial sector, academic and educational services, science and healthcare companies, as well as energy, resource, and agriculture companies. It reportedly hires penetration testers, access brokers, and threat actors to encrypt hundreds of megabytes to more than four gigabytes of data per minute.

The fourth is the LockBit 3.0 ransomware. Allegedly, it contained an updated data leak blog, a bug bounty program and new ransomware features. It prefers low-profile attacks and tries to avoid making headlines. The TTPs and software of the gang are constantly evolving and adapting. LockBit also employs a proprietary information stealer known as StealBit, a file grabber, which clones files from the network of the victim quickly into a LockBit-controlled infrastructure.

The sources for this piece include an article in TechRepublic.

SUBSCRIBE NOW

Related articles

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Microsoft MFA Outage Blocks Access to Microsoft 365 Apps, Raising Cloud Reliability Concerns

Microsoft faced another significant service disruption over the weekend, with a Multi-Factor Authentication (MFA) outage that blocked users...

Cyber Attack Hits Key Dutch University, Raising Concerns for Chip Giant ASML

Eindhoven University of Technology, a critical partner for semiconductor giant ASML Holding NV, has been hit by a...

Researcher Finds Critical Facebook Server Flaw, Warns Other Platforms May Be at Risk

Security researcher Ben Sadeghipour recently discovered a critical vulnerability in Meta’s Facebook ad platform that allowed him to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways