Skip to main content

Hackers have a new way of forcing ransomware payments

Bad actors are becoming craftier with their methods of ransomware attacks by targeting backup storage to force organizations to pay a ransom, according to the software company Veeam.

In the event of a ransomware attack, companies typically have two options: pay the ransom and hope that their data can be restored through a decryptor sent by the bad actors or ignore the ransom demands and restore their data via a backup option, TechRadar reports.

Kaspersky

However, in its 2023 Ransomware Trends Report, Veeam found that ransomware hackers are going straight to the backup options to force companies to give in to ransom demands.

According to the company’s research that looked at 1,200 organizations that were victims of nearly 3,000 cyberattacks, Veeam claims that 93% of cases saw bad actors attempt to access backups during attacks. They were able to access backups, even partially, in 75% of those cases, while in 39% of cases, companies lost all of their backup data.

Experts at Veeam note that the best practice for organizations to protect against ransomware attacks is by having strong security measures for both original data and backup. The company recommends frequent, automated cyber-detection scans for backups, auto-verification for backup restoration, and using immutable sources — such as immutable clouds and immutable disks — as backup options to aid against data being deleted or corrupted.

While many organizations typically do pay the ransom when their data is compromised, this does not guarantee a recovery of data. Of the 80% of organizations that paid ransom demands, 59% were able to recover their data, while 21% were not, according to Veeam.

Paying ransom demands is up 4% year-on-year, while organizations using a backup option is down 19% year-on-year.

Ransomware attacks are becoming so lucrative that the notorious cybercriminal gang LockBit has set its sights on targeting macOS and Mac computers as of April. The never-before-seen ransomware might be a first for LockBit, as the gang typically develops on Windows, Linux, and virtual host machines.

The Mac-specific ransomware seems to target Apple Silicon Macs and is listed on the web under the build name locker_Apple_M1_64, according to the security research group MalwareHunterTeam.

The group notes that now that news of the ransomware is out in the open, Macs might be more susceptible to cyberattacks.

LockBit is known as a ransomware-as-a-service (RaaS) operation that allows others to purchase their nefarious products for their own unsavory tasks.

Editors' Recommendations

Fionna Agomuoh
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
Hackers have found a way to hack you that you’d never expect
A depiction of a hacker breaking into a system via the use of code.

A security flaw has allowed a ransomware gang to effectively prevent antivirus programs from running properly on a system.

As reported by Bleeping Computer, the BlackByte ransomware group is utilizing a newly discovered method related to the RTCore64.sys driver to circumvent more than 1,000 legitimate drivers.

Read more
This severe TikTok vulnerability gives hackers 70 ways to steal your info
Person's hand holding a smartphone with TikTok's logo on screen, all in front of a blurred background.

After internal testing, Microsoft discovered an exploit in the Android version of TikTok that could have given attackers access to huge amounts of personal data with a single click.

The vulnerability has already been fixed, and it does not appear that anyone has been affected by the exploit. The attackers could have used this vulnerability to access user profiles, allowing outside forces to publicize private videos, send messages, and even upload videos.

Read more
This game lets hackers attack your PC, and you don’t even need to play it
Genshin Impact characters.

Hackers have been abusing the anti-cheat system in a massively popular game, and you don't even need to have it installed on your computer to be affected.

The game in question is called Genshin Impact, and according to a new report, hackers are able to utilize the game's anti-cheat measures in order to disable antivirus programs on the target machine. From there, they're free to conduct ransomware attacks and take control of the device.

Read more