MalwarebyteLabs has reported that MalasLocker ransomware has become the most dominant ransomware strain, with 556 reported cases of ransomware victims in May. Its primary target countries are Italy and Russia, although the education sector has also seen a significant increase in attacks. MalasLocker initially made headlines in May when it claimed a list of 169 victims after indulging in Zimbra servers for ransomware attacks. The group then soared in June as it registered a staggering 171 victims, surpassing LockBit’s 76 attacks by almost 100. Unlike typical ransomware groups, MalasLocker refrains from demanding monetary ransoms and instead urges victims to contribute to approved charities – positioning itself as the “Robin Hood” of ransomware. However, there are doubts as to whether the group upholds its promise of offering decryption services when a victim donates to charity.
Recently, several other novel ransomware variants have surfaced, including BlackSuit, Rancoz, 8BASE, and RA Group. BlackSuit is a new entrant, similar to Royal ransomware, targeted towards all those using the extensively utilized Linux operating system across various sectors, including enterprise environments and cloud computing platforms. Rancoz modifies leaked source code to tailor attacks for specific industries or regions. 8BASE mainly focuses on small and medium-sized businesses in the Professional/Scientific/Technical sector. Its double extortion strategy involves stealing the victim’s data first, encrypting it, and publishing it on their leak site if the victim refuses to pay the ransom. To date, RA Group primarily targets pharmaceutical, insurance, wealth management, and manufacturing firms in the United States and South Korea.
Organizations can adopt preventative measures to combat ransomware, including blocking common entry points, employing intrusion detection systems, deploying robust endpoint security solutions, maintaining offsite and offline backups, and conducting thorough post-attack eradication to help prevent subsequent attacks. As these cybercriminals adapt their tactics, organizations must remain vigilant and adopt comprehensive security measures to safeguard against potential ransomware attacks.