Participants of hacking forums majorly discuss ransomware

Analysts at Recorded Future analyzed more than 3.9 million messages on underground forums, written from May 2018 to May 2019, to identify the most discussed threats and malicious programs that are popular among cybercriminals.

The study showed that far ahead at the top of the list of the most popular threats is ransomware and cryptographers, followed by Trojans.

“Based on the prevalence and longevity of the malware, Insikt Group assesses with medium confidence that there likely exist enough victims who do not comply with basic security precautions for forum members to successfully infect”, — report Recorded Future specialists.

At the same time, about 50% of references to extortionists were related to sale of primitive and simple threats. As a rule, these are various variants of HiddenTear, Jigsaw Ransomware or other solutions written in C #.

The most discussed ransomware in the hacker environment turned out to be GandCrab encrypter, who has now ceased its work (he also became the only cryptographer to be in the top 10 most discussed malware). Threats such as Ryuk, WannaCry, CryptoLocker and Petya were also very popular, many of which are also “not in use”.

Read also: Avast researchers found on Google Play several surveillance applications

List of top 10 most discussed threats in a year looks as the following: five malwares belonged to the Remote Access Trojans (RAT) – njRAT, SpyNote, DarkComet, Imminent Monitor and WARZONE RAT; another two were informers: Predator the Thief and AZORult; as well as the top included a RDP brute-forser called NLBrute and a tool for sending forum spam XRumer.

Recorded Future specialists summarize that attackers continue to use malware and attack methods that have existed for many years, as these time-tested solutions still bring them profit. For example, the Gh0st RAT malware is known to experts for more than three years and is easily detected by defensive solutions, but the malware is still in the top 3 of the most discussed programs among Chinese-speaking users of hacker forums.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button