Destroying the largest players in the ransomware industry has done many things for the world, but making it a safer place isn't exactly one of them. Even though the death of GandCrab meant many possible victims would stay safe from the devastating ransomware, it also meant a more diversified landscape which would be harder to tackle.
Tech security company Bitdefender analysed Windows security threats including ransomware, coin miners, fileless malware, PUAs, exploits and banking Trojans, and came to the conclusion that the threat of ransomware is growing fast.
In fact, ransomware grew 74 per cent year-on-year, despite first dropping during H1 2019. The drop was attributed mostly to the death of GandCrab (one of the most popular ransomware strains to ever hit the web), but the new growth means multiple new players are taking its place.
None of them have yet risen to the hights GandCrab achieved, but one is emerging as a potential candidate - Sodinokibi (aka REvil or Sodin).
"The fall of GandCrab, which dominated the ransomware market with a share of over 50 per cent, has left a power vacuum that various spinoffs are quickly filling. This fragmentation can only mean the ransomware market will become more powerful and more resilient against combined efforts by law enforcement and the cybersecurity industry to dismantle it," the report stated.
Most strains are built for the Windows ecosystem, even though Mac has seen its share of attacks, as well. In H1 2019, some of the most common macOS threats were coin miners, PUAs and exploits, according to Bitdefender.