Threat intelligence vs. the rise in sophisticated ransomware


Ransomware, alongside COVID-19, has dominated the year’s headlines, positioning it as the most observed threat of 2020. Recorded ransomware attacks have multiplied dramatically since the beginning of 2020, accounting for a third of all recorded attacks in the past 12 months.


Microsoft’s latest Digital Defense Report has taken a deep dive into this and other cybercrime trends, utilizing its knowledge of, and insights into, desktop, server, enterprise, and cloud ecosystems. Of all activity analyzed, the report cites ransomware as the most disruptive threat of 2020, and the most common reason behind its own incident response engagements between October 2019 and July 2020. The report reveals that this year threat actors have typically spent much less time within a system once they’ve gained access to it. Instead, they have capitalized on the chaos caused by the COVID-19 pandemic and launched attacks much sooner than they historically would have.


This blog will observe key threat actors behind such attacks in 2020, studying regional malicious activity in Europe, USA, LATAM, and beyond.

Europe


Germany


One such actor is DoppelPaymer Group (a.k.a. GOLD HERON), a splinter of the infamous Dridex Group, known for using a modified Dridex banking trojan in its operations. Originating in Russia, DoppelPaymer is a sophisticated crime syndicate known to ruthlessly publish stolen information via the doppelleaks website should its victims not pay the demanded ransom.


Using Dridex to infiltrate its victims, this group will then move laterally across the infected systems in order ..
