Ransomware-as-a-service (RaaS) is now the weapon of choice for cybercriminals, according to OpenText’s Nastiest Malware of 2023, an annual ranking of the year’s biggest malware threats to determine the most notorious malware trends.
Ransomware gangs
Four new ransomware gangs topped the list with newcomer Cl0p taking the lead as this year’s nastiest malware after its MOVEit campaign demanded exorbitant ransoms.
“A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities,” said Muhi Majzoub, EVP and chief product officer, of OpenText.
“There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.”
2023 Nastiest Malware
1. Cl0p, a RaaS platform, became famous following a series of cyberattacks and exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software.
2. Black Cat, presumed to be the successor to the REvil ransomware group, has built their RaaS platform on the Rust programming language.
3. Akira, suspected heir to Conti, primarily targets small to medium-sized businesses due to the ease and turnaround time.
4. Royal, presumed to be a descendant of Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network.
5. Lockbit 3.0, a main stain on the list and last year’s winner is now more modular and evasive than its predecessors.
6. Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group.