Google has published a report, after commissioned cybersecurity firm VirusTotal to conduct the analysis, which entailed reviewing 80 million ransomware samples from 140 countries.
Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the UK were the 10 most affected territories based on the number of submissions reviewed by VirusTotal.
Israel had the higher number of submissions and that amount was a nearly 600% increase from its baseline amount of submissions, activity of Raas group GandCrab peaked the charted.
Babuk ransomware gang, a ransomware operation that was launched at the beginning of 2021 peaked in the month of July 2021. It’s attack generally features three distinct phases: Initial access, network propagation, and action on objectives.
GandCrab was the most active ransomware gang since the start of 2020, accounting for 78.5% of samples. GandCrab was followed by Babuk and Cerber, which accounted for 7.6% and 3.1% of samples, respectively.
95% of ransomware files detected were Windows-based executables or dynamic link libraries (DLLs) and 2% were Android-based. Only exploits consisted of only a small portion of the samples 5%.
In terms of ransomware distribution attackers don’t appear to need exploits other than for privilege escalation and for malware spreading within internal networks.