Developing countries are being used by hackers to try out new ransomware variants
IT security professionals aren’t the only ones with sandboxes and honeypots to test malware in, as hackers are doing the same – in developing countries of the world.
A report from Performanta says many hackers would first try out new malware variants in developing countries before targeting companies in the developed world.
The report claims that this process is particularly effective because organizations in the developing world are less aware of the issue of cyber security and as such are easier targets, so organizations in Africa, Latin America and Asia are hit first, before the attackers develop. towards Europe. and North America.
Cheaper malware
The researchers claim to have observed attacks in Senegal, Chile, Colombia and Argentina, using strains that later landed on systems in Europe and North America. One of the variants being tested in this way is Medusa, a ransomware variant first seen in South Africa, Senegal and Tonga before affecting organizations in the US, UK, Canada, Italy and France.
In 2023, there were approximately one hundred reported cases of Medusa attacks.
In his writing, Ars Technica discussed the issue with Nadir Izrael, chief technology officer at cybersecurity group Armis, who said attackers were observed discussing an exploit for a new vulnerability earlier this year. “They specifically targeted a few (exposed servers) in third world countries to test how reliable the exploit was,” he said.
Armis confirmed the strategy a few weeks later, when its honeypots picked up the threat actor first going after companies in Southeast Asia.
However, not everyone agrees with this assessment. Sherrod DeGrippo, director of Microsoft’s threat intelligence strategy, told the publication that malware and ransomware variants had actually become cheaper, allowing hackers in the developing world to mount their own mini-attacks.
Hanah-Marie Darley, Darktrace’s director of threat research, also believes Medusa has lowered its prices, leading to more attacks in poorer countries.