ESET Threat Report T3 2021
The latest issue of the ESET Threat Report (covering September to December 2021) sheds light on the most frequent external attack vectors, the reason behind the rise of email threats, and shifts in the prevalence of certain types of threats due to fluctuating exchange rates of cryptocurrencies.
T3 2021 was quite a busy period for ransomware. According to ESET Research, the first and biggest spike occurred on September 9, caused by Sodinokibi/Revil hitting South Africa, only days before the country’s Department of Justice saw its systems encrypted.
Take leaked Babuk source code, add one Sodinokibi ransom note, stir and bake at 200C until December 14, 2021. The final Rook ransomware is best served exclusively to US devices, with a side of its “specific” artwork.
Law enforcement had a busy end of 2021, yet arresting several affiliates of Sodinokibi, and members and affiliates of LockerGoga, MegaCortex, Dharma, Cl0p was just the beginning. It all culminated in January 2022 with arrests of 14 Sodinokibi core members in Russia.
New players in the ransomware game in T3 2021 included AtomSilo, Yanluowang, Khonsari and Macaw locker. The most notable ransomware family was Hive, compromising hundreds of victims, among them MediaMarkt, with a record-breaking USD 240 million ransom demand.
Click here to read the full T3-2021 Threat Report by ESET