In the first quarter of 2023, the cybersecurity world has seen a dramatic increase in ransomware groups discovered. According to BitcoinCasinos.com, a total of 167 new ransomware groups were found in Q1 2023 alone.
BitcoinCasino’s financial expert Edith Reads commented on the data saying, “This is a clear sign of the growth in ransomware activity. Many of these groups are trying to exploit security flaws, especially those related to cryptocurrency exchanges and wallets.”
Medusa and Nevada Ransomware stand out as the most prevalent and concerning among these groups. Both ransomware groups target Windows-based systems, aim to encrypt files, and demand a ransom payment in exchange for unlocking the encrypted data. The malicious code used by both groups is sophisticated, making them tricky to detect and remove from an infected system.
Medusa Ransomware
Medusa Ransomware is a relatively new ransomware strain that emerged in early 2021. According to reports, this ransomware has been distributed by a gang active since June 2021. Despite the low activity, it was in 2023 when Medusa put itself on the map with its blog and started to threaten victims with double extortion if their ransom demands were not paid.
The Minneapolis Public Schools (MPS) was one of the high-profile victims targeted by Medusa ransomware in the first quarter of 2023. They released a video showing some of their stolen data as proof that they had indeed breached the MPS network and were able to gain access to sensitive information. According to reports, Medusa ransomware was able to compromise 20 victims in the first two months of this quarter alone.
Nevada Ransomware
Another ransomware strain that has been making headlines in the first quarter of 2023 is Nevada Ransomware. This ransomware strain was first discovered on December 10, 2021, when an announcement was released to recruit new members for their Ransomware-as-a-Service plan.
Nevada ransomware is built with the Rust programming language and is currently under development. According to the Nevada group, their encryption module will be able to target Windows machines, Linux machines, and ESXi environments.
The Nevada ransomware campaign has been mainly targeting companies in the US and Europe, but it is still too early to tell if they will be able to cause a lot of damage in the long run. However, what is certain is that their target victims are already feeling the impact of this new ransomware group in the first quarter of 2023, with an estimated 3,200 victims so far.
How Can I Protect Against Ransomware
As ransomware attacks evolve and become more sophisticated, individuals and organizations need to take proactive measures to protect themselves. This includes implementing robust cybersecurity protocols, backing up data regularly, and educating employees on recognizing and avoiding phishing attacks.
Additionally, victims of ransomware attacks should never pay the ransom, as this only incentivizes ransomware groups to continue their illegal activities. Instead, victims should seek the help of cybersecurity experts to decrypt their files and report the attack to law enforcement agencies.