As many as 722 ransomware attacks were observed during the
fourth quarter of 2021, with LockBit 2.0, Conti, PYSA, Hive, and
Grief emerging as the most prevalent strains, according to new
research published by Intel 471.
The attacks mark an increase of 110 and 129 attacks from the
third and second quarters of 2021, respectively. In all, 34
different ransomware variants were detected during the
three-month-period between October and December 2021.
“The most prevalent ransomware strain in the fourth quarter of
2021 was LockBit 2.0, which was responsible for 29.7% of all
reported incidents, followed by Conti at 19%, PYSA at 10.5%, and
Hive at 10.1%,” the researchers said in a report[1]
shared with The Hacker News.
Some of the most impacted sectors during the quarterly period
were consumer and industrial products; manufacturing; professional
services and consulting; real estate; life sciences and health
care; technology, media and telecommunications; energy, resources
and agriculture; public sector; financial services; and nonprofit
entities.
Of all the recorded LockBit 2.0 attacks, the countries most
affected included the U.S., followed by Italy, Germany, France, and
Canada. A majority of the Conti infections were also reported in
the U.S., Germany, and Italy. The U.S. remained the most impacted
country for PYSA and Hive ransomware attacks as well.
“Attacks impacting the consumer and industrial products sector
rose by 22.2% from the third quarter of 2021, making it the
most-impacted sector during the fourth quarter,” the researchers
said.
The findings come as a relatively unknown ransomware strain
called Nokoyawa with “striking similarities” to the Hive ransomware
has come to light, with most of its targets located primarily in
Argentina.
“Both Nokoyawa and Hive include the use of Cobalt Strike as part
of the arrival phase of the attack, as well as the use of
legitimate, but commonly abused, tools such as the anti-rootkit
scanners GMER and PC Hunter for defense evasion,” Trend Micro
researchers detailed[2]
last week.
Read more https://thehackernews.com/2022/03/nearly-34-ransomware-variants-observed.html