Participants of hacking forums majorly discuss ransomware

Analysts at Recorded Future analyzed more than 3.9 million messages on underground forums, written from May 2018 to May 2019, to identify the most discussed threats and malicious programs that are popular among cybercriminals.

“Based on the prevalence and longevity of the malware, Insikt Group assesses with medium confidence that there likely exist enough victims who do not comply with basic security precautions for forum members to successfully infect”, — report Recorded Future specialists.

At the same time, about 50% of references to extortionists were related to sale of primitive and simple threats. As a rule, these are various variants of HiddenTear, Jigsaw Ransomware or other solutions written in C #.

The most discussed ransomware in the hacker environment turned out to be GandCrab encrypter, who has now ceased its work (he also became the only cryptographer to be in the top 10 most discussed malware). Threats such as Ryuk, WannaCry, CryptoLocker and Petya were also very popular, many of which are also “not in use”.

Read also: Avast researchers found on Google Play several surveillance applications

List of top 10 most discussed threats in a year looks as the following: five malwares belonged to the Remote Access Trojans (RAT) – njRAT, SpyNote, DarkComet, Imminent Monitor and WARZONE RAT; another two were informers: Predator the Thief and AZORult; as well as the top included a RDP brute-forser called NLBrute and a tool for sending forum spam XRumer.