Ransomware attacks surge despite payments being down


The latest threat intelligence report from Ontinue finds a 132 percent surge in ransomware attacks, although ransom payments have declined by 35 percent, suggesting a shift in attacker strategies to double down on ransomware efforts.

Among other key trends, the report highlights the rapid rise of Adversary-in-the-Middle (AiTM) attacks, which have become a dominant method for stealing authentication tokens and bypassing multi-factor authentication (MFA).

The PlugX Remote Access Trojan (RAT) remains an active threat too, while command-and-control (C2) traffic associated with infostealers and malware loaders continues to escalate.

The report also notes the increasing sophistication of vishing (voice phishing) attacks, which cybercriminals are now enhancing with artificial intelligence. By leveraging AI-driven voice cloning technologies, attackers can create realistic deepfake audio to impersonate trusted individuals, tricking victims into divulging credentials, approving fraudulent transactions, or granting unauthorized system access.

Ontinue's team has detected a 1,633 percent spike in vishing-related incidents compared to the previous quarter. Many of these attacks direct victims to fake Microsoft support pages, often hosted on .shop domains, where users are prompted to call fraudulent support numbers.

Attackers are abusing legitimate tools too. Microsoft Quick Assist, a remote support tool, is being weaponized to gain unauthorized access to victim devices, often bypassing traditional security controls. Windows Hello authentication keys have also been targeted in credential theft campaigns, allowing adversaries to authenticate as legitimate users without needing passwords.

"The cybercriminal ecosystem is adapting to evolving security measures, leveraging AI-powered deception, novel malware delivery tactics, and persistent social engineering schemes," says Balazs Greksza, director of advanced threat operations at Ontinue. "Our research underscores the urgent need for organizations to fortify their defenses against sophisticated phishing, vishing, and malware campaigns, while continuing to harden their environments against ransomware and credential theft."

You can read more and get the report on the Ontinue blog.

Image credit: lighthouse/depositphotos.com

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.