Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. Researchers also uncovered a new zero-day exploit in Chrome, as well as signals how cybercriminals are preparing to move away from macros as an infection vector.
Ransomware attacks increase
After months of decline, global ransomware attacks increased significantly in Q2/2022, up 24% from the previous quarter. The highest quarter-on-quarter increases in ransomware risk ratio occurred in Argentina (+56%), UK (+55%), Brazil (+50%), France (+42%), and India (+37%).
“Consumers, but especially businesses should be on guard and prepared for encounters with ransomware, as the threat is not going anywhere anytime soon,” explains Jakub Kroustek, Avast Malware Research Director.
“The decline in ransomware attacks we observed in Q4/2021 and Q1/2022 were thanks to law enforcement agencies busting ransomware group members, and caused by the war in Ukraine, which also led to disagreements within the Conti ransomware group, halting their operations. Things dramatically changed in Q2/2022. Conti members have now branched off to create new ransomware groups, like Black Basta and Karakurt, or may join other existing groups, like Hive, BlackCat, or Quantum, causing an uptick in activity.”
Researchers discovered two new zero day exploits used by Israeli spyware vendor Candiru to target journalists in Lebanon, among others. The first was a bug in WebRTC, which was exploited to attack Google Chrome users in highly targeted watering hole attacks, but also affected many other browsers. Another exploit allowed the attackers to escape a