Research reveals that more than 2 billion stolen account credentials are available on the cybercriminal underground.

McAfee released its latest McAfee Labs Threats Report: August 2019, examining cybercriminal activity and the development of cyber threats in the first quarter of 2019.

It was revealed that a 118% increase in ransomware attacks included the “discovery” of new ransomware families to which some of them are using innovative techniques in order to target enterprises.

While spear-phishing remained popular, ransomware attacks increasingly targeted exposed remote access points, such as Remote Desktop Protocol (RDP); these portals can be broken into with brute-force attack or bypassed with information bought on illicit online marketplaces. The RDP credentials can then be used to gain admin privileges, granting full rights to distribute and execute malware on corporate networks.

The report identified that the actors behind ransomware attacks are using anonymous email services to manage their campaigns, instead of the traditional approach of setting up command-and-control (C2) servers.

Dharma, GandCrab and Ryuk were the most active ransomware families identified in the first quarter of 2019. Anatova was another notable ransomware family.

“After a periodic decrease in new families and developments at the end of 2018, the first quarter of 2019 was game on again for ransomware, with code innovations and a new, much more targeted approach,” said Christiaan Beek, McAfee lead scientist and senior principal engineer.

“Paying ransoms supports cybercriminal businesses and perpetuates attacks. There are other options available to victims of ransomware. Decryption tools and campaign information are available through tools such as the No More Ransom project.”

The report also identified that more than 2.2 billion stolen account credentials were made available on the cybercriminal underground during the first quarter of 2019. During the same period, the first three months of 2019, researchers at McAfee observed an overwhelming 504 new threats per minute.

There was a 29% increase in coin mining malware, whilst there was a decline in JavaScript malware (13%). However total malware grew 62% over the past year.

Raj Samani, McAfee fellow and chief scientist said:

“It’s important to recognize that the numbers, highlighting increases or decreases of certain types of attacks, only tell a fraction of the story. Every infection is another business dealing with outages or a consumer facing major fraud. We must not forget for every cyber-attack, there is a human cost.”