
How malware disrupted our lives

While the list below sorts payloads into different categories of malware, note that many of these bad actor groups contract work from others. This allows each group to specialize in its respective payload and perfect it.

This year’s wicked winners

Lemonduck

  • A persisting botnet with a crypto-mining payload and more

  • Infects via emails, brute force, exploits and more

  • Removes competing malware, ensuring they’re the only infection

REvil

  • The Nastiest Ransomware of 2021 that made headlines with supply chain attacks

  • Many attempts to shut down the REvil group have so far failed

  • Their ransomware as a service (RaaS) platform is on offer to other cybercriminals

Trickbot

  • Decade-old banking and info-stealing Trojan and backdoor

  • Disables protections, spreads laterally and eventually leads to ransomware like Conti

  • Extremely resilient, surviving numerous attacks over the years

Dridex

  • Banking and info-stealing Trojan and backdoor

  • Spreads laterally and listens for domain credentials

  • Eventually leads to ransomware like Grief/BitPaymer/DoppelPaymer

Conti

  • Longstanding ransomware group also known as Ryuk and likely linked to LockFile ransomware

  • TrickBot’s favorite ransomware

  • Will leak or auction off data if victims don’t pay the ransom

Cobalt Strike

  • White hat-designed pen testing tool that’s been corrupted and used for evil

  • Very powerful features like process injection, privilege escalation and credential harvesting

  • The customizability and scalability are just too GOOD not to be abused by BAD actors

Victimized by malware

The good news (I guess) is that last year’s average ransom payment peaked at $200,000 and today’s average is just below $150,000.

The bad news is that hackers are spreading the love and targeting businesses of all sizes. In fact, most victims are small businesses that end up paying around $50,000. Ransomware actors are getting better with their tactics, recruiting talent and providing a streamlined user experience.

The whole process is terrifyingly simple and for every one that gets shut down, two spring up to replace it. To top it off, supply chain attacks are becoming a massive issue.

Protect yourself and your business

The key to staying safe is a layered approach to cybersecurity backed up by a cyber resilience strategy. Here are tips from our experts.

Strategies for business continuity

  • Lock down Remote Desktop Protocol (RDP)

  • Educate end users

  • Install reputable cybersecurity software

  • Set up a strong backup and disaster recovery plan

Strategies for individuals

  • Develop a healthy dose of suspicion toward messages

  • Protect devices with antivirus and data with a VPN

  • Keep your antivirus software and other apps up to date

  • Use a secure cloud backup

  • Create strong, unique passwords (and don’t reuse them across accounts)

  • If a download asks to enable macros, DON’T DO IT

Discover more about 2021’s Nastiest Malware on the Webroot Community.