Loading...

India sees spike in ransomware, banking malware in H1 2022

India sees spike in ransomware, banking malware in H1 2022
Photo Credit: Pixabay
5 Sep, 2022
Loading...

Researchers have found a spike in ransomware, banking trojans and other cyber-attacks across the globe including in India and as per recent data from Japanese cybersecurity firm, Trend Micro. The data showed that India ranks third in terms of Emotet attacks, a kind of malware originally designed as a banking Trojan and is aimed at stealing financial data.  

Data from Trend Micro shows that Emotet has continued to thrive in 2022. The first half of 2022 saw a whopping 976.7% increase in Emotet detections at 1,48700, compared to the first half of 2021 which was pegged at 13, 811. 

Japan leads with 107,669, followed by the US (4,937) in the second spot and India occupying the third place (3,729) number of detection. Italy (3,442) and Brazil (3,006) are the other countries with the highest number of Emotet detections in the first half of 2022. These attacks have globally increased by over 10 times in the first half of 2022 compared to the first half of the previous year, likely because of prolific threat actors using it as part of their operations, the research said. 

Loading...

A March 2022 report by American cybersecurity firm Palo Alto Networks also noted Indian firms are facing an onslaught of malware and ransomware attacks, with the latter seeing an increase by 218% year-on-year (YoY) in 2021.

Further, the research also saw 75% increment in the ransomware attacks that target Linux operating systems in the first half of 2022 compared to the first half last year. There has been an increase of new Linux ransomware families in 1H 2022 which was pegged at 1,961 as against 1,121 in H1 2021.

In July this year, researchers at ReversingLabs, a security vendor, discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected on July 19, which targeted firms in the industrial and pharmaceutical space.

Loading...

Researchers at Trend Micro noted, “We observed how malicious actors favoured ransomware-as-a-service (RaaS) methods for faster deployments and bigger pay-outs. They also used relatively new ransomware families in high-profile attacks and increasingly targeted Linux-based systems with attacks.” 

Based on the data, there were 67 active Ransomware-as-a-service (RaaS) and extortion groups and over 1,200 victim organisations that were reported in the first six months of this year alone. 

Major players like LockBit and Conti were detected with a 500% YoY increase and nearly doubled the number of detections in six months, respectively. The RaaS model has generated significant profits for ransomware developers and their affiliates, it said.

Loading...

Not only Trend Micro, in its recent mid-year cyber threats report, published last month, Switzerland-based cyber security firm Acronis also said, ransomware is worsening with organised groups, like Conti and Lapsus$,  inflicting serious damage to government and businesses across the globe.