According to Fortinet, the war in Ukraine has ushered in a new wave of destructive malware around the world that cybercrime groups are increasingly offering as a service.
Security vendors have claimed that wiper malware has spread rapidly beyond Ukraine’s borders in use by the Russian military over the last year. Fortinet recorded a 53% increase in his activity from Q3 to Q4 2022.
Chief Security Strategist Derek Manky said:
“Cybercriminals are now developing their own wiper malware, which is quickly being used across CaaS organizations. Not just any organization can be a target.”
Vendors also warned that threat actors are increasingly reusing old botnets and malware code to launch attack campaigns in a more cost-effective manner.
“Like musicians remixing chart-topping songs, cybercriminals are rethinking old attack strains that have proven successful in the past and reintroducing new and enhanced versions,” explains Manky. To do.
“Late 2022 will see a resurgence of familiar names among botnets and malware variants, many of which were more than a year old.”
These included the IoT botnet Mirai, the remote access Trojan Gh0st RAT, and the infamous Emotet Trojan. Another major strain of his, Lazarus, discovered in late 2022, dates back to 2010, he said.
Elsewhere, Fortinet notes that ransomware poses a significant threat to organizations thanks to the “as-a-service” model (RaaS) used to streamline ransomware use in attacks by numerous affiliate groups. I warned you to keep going.
“By the second half of 2022, the top five ransomware families accounted for about 37% of all ransomware. GandCrab, a RaaS malware introduced in 2018, topped the list,” said Manky. I will explain.
“Many iterations of GandCrab’s heyday were created, even though the threat actors behind GandCrab announced their retirement. There may still be a long tail of variants derived from this operation. , groups like the Cybercrime Atlas Initiative aim to dismantle these large-scale criminal operations forever, making their work essential.”
