Cl0p, a Ransomware-as-a-Service (RaaS), has emerged as the ‘nastiest’ malware in the calendar year. The platform has been extensively used, resulting in an increase in the average ransom payment which is rapidly approaching three-quarters of a million dollars.
Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit in the OpenText’s ‘Nastiest Malware’ rankings in 2023.
Black Cat, which figured in the 2021 edition of the Nastiest Malware report, believed to be the successor to REvil ransomware group, has built its RaaS platform on the Rust programming language. It made headlines for taking down MGM Casino Resorts.
“Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data,” an OpenText report said.
“A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities,” Muhi Majzoub, Executive Vice-President and Chief Product Officer, OpenText, said.
“There is a silver lining as research shows only 29 per cent of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom,” the official said.
Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. “They have gained a reputation for targeting all types of industries indiscriminately,” the report said.
“This year’s list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target,” it said.