Skip to main content
  1. Home
  2. Computing
  3. News

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Ransomware gangs are evolving in new and dangerous ways

By
Add as a preferred source on Google

With digital technology growing at a rapid pace, ransomware gangs and their methods continue to advance at an aggressive rate as well.

This observation was detailed by cybersecurity and antivirus giant Kaspersky via a new report, highlighting fresh ransomware trends that have materialized throughout 2022.

Silhouette of male hand typing on laptop keyboard at night.
Andrew Brookes/Getty Images

Although leading cyber gangs have seen operations ceasing due to shutdowns, groups are still finding ways to develop dangerous strains of malware and ransomware. And their efforts are bearing fruits, Kaspersky stresses.

Recommended Videos

In particular, the company singled out brand new “cross-platform capabilities”, in addition to “updated business processes” and more.

Before we delve into the aforementioned aspects, it’s important to outline what ransomware is exactly. Simply put, it’s a type of code or software that affects files, folders, or the entire operating system of a PC.

Once it has successfully infiltrated its target, ransomware groups will then demand money from the victim if they want to unlock access to their computer.

“If last year we said ransomware is flourishing, this year it’s in full bloom.”

“Ransomware operations have come a long way — from clandestine and amateur beginnings to fully-fledged businesses with distinctive brands and styles that rival each other on the dark web. They find unusual ways to attack their victims or resort to newsjacking to make their attacks more relevant,” Kaspersky said.

The rise of cross-platform programming languages

As for the “prolific use” of cross-platform capabilities, Kaspersky points out that this method is particularly effective in damaging “as many systems as possible with the same malware by writing code that can be executed on several operating systems at once.”

Cross-platform programming languages, Rust and Golang, started picking up steam among the ransomware community during the latter stages of 2021.

For example, a leading group that is an ever-present name in the ransomware space, Conti, has managed to design a variant that is spread via certain affiliates in order to target Linux-based systems.

BlackCat, labeled as a “next-generation” malware gang, was mentioned as another group — one that has apparently attacked more than 60 organizations since December 2021. Rust was its language of choice for developing malware strains.

Elsewhere, a group known as DeadBolt relied on Golang instead for its ransomware endeavors. This cyber gang is notorious for its attacks on QNAP (network-based storage devices from a Taiwanese company).

Ransomeware groups are starting to evolve

Another trend that Kaspersky detailed is the fact that ransomware groups have not only been relying on more advanced tactics for their overall operations, but throughout late 2021 and the opening stages of 2022, they’ve also “continued activities to facilitate their business processes, including regular rebranding to divert the attention of the authorities, as well as updating exfiltration tools.”

Certain groups have developed and started to use entire toolkits that “resembled ones from benign software companies.”

“Lockbit stands out as a remarkable example of a ransomware gang’s evolution. The organization boasts an array of improvements compared to its rivals, including regular updates and repairs to its infrastructure. It also first introduced StealBIT, a custom ransomware exfiltration tool that enables data exfiltration at the highest speeds ever – a sign of the group’s hard work put towards malware acceleration processes.”

Dmitry Galov, a senior security researcher at Kaspersky’s Global Research and Analysis Team, commented on the state of affairs with a summary:

“If last year we said ransomware is flourishing, this year it’s in full bloom. Although major ransomware groups from last year were forced to quit, new actors have popped up with never before seen techniques. Nevertheless, as ransomware threats evolve and expand, both technologically and geographically, they become more predictable, which helps us to better detect and defend against them.”

Google, meanwhile, somewhat mirrored the same remark when it analyzed the record number of zero-day hacks in 2021.

“Zero-day exploits are considered one of the most advanced attack methods an actor can use, so it would be easy to conclude that attackers must be using special tricks and attack surfaces. But instead, the zero-days we saw in 2021 generally followed the same bug patterns, attack surfaces, and exploit “shapes” previously seen in public research.”

Still, that’s not to say that malware and ransomware don’t pose a dangerous threat in today’s digitally-driven world. In fact, ransomware in particular is an extremely lucrative business for cybercriminals. In 2021 alone, this crime type saw $49.2 million in losses for innocent individuals.

The fact that the rise in malware is more commonplace than ever before is not going unnoticed among the leading technology giants.

Microsoft recently confirmed a new initiative where businesses can use the company’s in-house security services and experts to combat cybercrime and strengthen their digital security measures.

Zak Islam
Zak Islam
Former Contributor
Zak covers the latest news in the technology world, particularly the computing field. A fan of anything pertaining to tech…
Topics
Asus unveils the 320W ROG Strix Scar 18 with RTX 5090, but it’s the CPU that steals the show
Asus extracting 81% more CPU wattage from the 2026 Strix SCAR 18 while Nvidia keeps the GPU locked at 175W is the most interesting story in this spec sheet.
Computer, Electronics, Laptop

Asus has announced a new gaming laptop, the ROG Strix Scar 18 (2026), with a claim that it’s the most powerful gaming laptop the company has ever built. 

The main highlight of the device is the 320W of total system power: 145W to the Intel Core Ultra 9 290HX Plus and 175W to the Nvidia GeForce RTX 5090 laptop GPU. While the CPU offers a meaningful upgrade over the 2025 model, the GPU has been borrowed unchanged. 

Read more
ChatGPT will now dole out finance tips if you connect your bank account. I won’t.
ChatGPT can now access your bank account to offer spending analysis and financial planning.
chatgpt-personal-finance

ChatGPT already knows a lot about you. OpenAI now wants to add your finances to that list. The company has launched a personal finance feature for ChatGPT, currently in preview for Pro subscribers in the US at $200 a month. OpenAI says it will expand to Plus users after gathering feedback from this early rollout.

It lets you connect your financial accounts through Plaid, a platform that bridges bank apps with third-party services and works with over 12,000 institutions, including Chase, Fidelity, Schwab, American Express, and more.

Read more
CleanShot X is my favorite Mac utility. Here are 8 features that will convince you, too.
Your Mac's built-in screenshot tool has been holding you back. It's time to upgrade.
Mac running CleanShot X

macOS has a built-in screenshot tool that gets the basics right. You can take a screenshot, record your screen, and even annotate your captures. But the moment you want something more, like scrolling capture, advanced annotation tools, or a quick way to share your screenshots via a link, it starts to fall apart.

That's where CleanShot X comes in. It's a powerful screenshot and screen recording app for Mac that replaces the built-in screenshot tool. It feels as if the developers looked at the screenshot features in macOS and added everything that was missing.

Read more