{"id":960,"date":"2021-02-06T11:32:41","date_gmt":"2021-02-06T11:32:41","guid":{"rendered":"https:\/\/techcavit.com\/?p=960"},"modified":"2021-02-06T11:37:13","modified_gmt":"2021-02-06T11:37:13","slug":"4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks","status":"publish","type":"post","link":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/","title":{"rendered":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks"},"content":{"rendered":"\n<p>The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same Ransom as a Service (RaaS) network and affiliates.<\/p>\n\n\n\n<p>According to a new Chainalysis 2021 Crypto Crime Report, established connections between the four strains indicate that they are either<a href=\"https:\/\/blog.chainalysis.com\/reports\/ransomware-connections-maze-egregor-suncrypt-doppelpaymer\"> being controlled or executed by the same group of people<\/a>.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>\u201cThere may be fewer cybercriminals responsible for ransom attacks that one would initially think, given the number of individual attacks, distinct strains and amount stolen from victims.\u201d<\/p><\/blockquote>\n\n\n\n<p>RaaS is a business model by ransom developers who lease or sell different strains of their ransomware to affiliates who in turn use them to perform attacks on individuals or organizations.<\/p>\n\n\n\n<p>Cybersecurity researchers identified strong links between the four strains, all of which were relatively active in 2020. They were used to attack different companies and institutions including Barnes &amp;Noble, LG, Pemex and University Hospital New Jersey.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>\u201cAll four use the RaaS model, meaning that affiliates carry out the ransom attacks themselves and pay a percentage of each victim payment back to the strain\u2019s creators and administrators.\u201d<\/p><\/blockquote>\n\n\n\n<p>Additionally, the strains have all been using the same double extortion method to blackmail their victims by threatening to withhold data and publish it online for extra intimidation.<\/p>\n\n\n\n<h2 id=\"h-ransomware-strains-are-interlinked\"><strong>Ransomware Strains are Interlinked<\/strong><\/h2>\n\n\n\n<p>The Maze strain disappeared shortly after Egregor became active in Q4 2020. Its administrators later announced in November that its website was shutting down due to reduced activity.<\/p>\n\n\n\n<p>\u201cSome Cybersecurity researchers see this as evidence that Maze and Egregor are linked in some way.\u201d<\/p>\n\n\n\n<p>Researchers further claimed that Maze operators either rebranded to Egregor or joined the latter\u2019s operators, with a row between the two groups resulting in a split.<\/p>\n\n\n\n<p>\u201cMaze and Egregor share much of the same code, the same ransom note, and have very similar victim payment sites.\u201d<\/p>\n\n\n\n<p>SunCrypt has also been linked severally to Maze, including through a privately circulated report from a threat intelligence firm saying that SunCrypt is a rebrand of a well-known ransomware strain.<\/p>\n\n\n\n<p>A connection between Egragor and Doppelpaymer has also been established through a 78.8 BTC ransom payment for Egregor that was suspected to be a Doppelpaymer administrator wallet.<\/p>\n\n\n\n<h2 id=\"h-useful-information-for-law-enforcement\"><strong>Useful Information for Law Enforcement<\/strong><\/h2>\n\n\n\n<p>Chainalysis concludes that Law enforcement agencies could benefit from this information to expand their crackdowns and even halt operations of well-known interlinked strains with a single takedown.<\/p>\n\n\n\n<p>\u201cEvidence suggests that the ransom world is smaller than one may initially think, given the number of unique strains currently operating.\u201d<\/p>\n\n\n\n<p>Ransomware attacks grew by 311% in 2020, with $350 million being paid by ransomware victims to attackers, despite crypto-related criminal activity falling by 83%.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same Ransom as a Service (RaaS) network and affiliates. According to a new Chainalysis 2021 Crypto Crime Report, established connections between the four strains indicate that they are either being controlled or executed by the [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":961,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[32,1385],"tags":[380,2226,1898],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v16.1 (Yoast SEO v19.5.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit<\/title>\n<meta name=\"description\" content=\"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit\" \/>\n<meta property=\"og:description\" content=\"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"TechCavit\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/techcavit\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-06T11:32:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-02-06T11:37:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techcavit.com\/wp-content\/uploads\/2021\/02\/4-of-2020s-Biggest-Ransomware-Strains-Linked-to-Majority-of-Attacks.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Steve Stone\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techcavit\" \/>\n<meta name=\"twitter:site\" content=\"@techcavit\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve Stone\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\"},\"author\":{\"name\":\"Steve Stone\",\"@id\":\"https:\/\/techcavit.com\/#\/schema\/person\/198cfe47a2c1895c70ee2c5c5a9a5e59\"},\"headline\":\"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks\",\"datePublished\":\"2021-02-06T11:32:41+00:00\",\"dateModified\":\"2021-02-06T11:37:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\"},\"wordCount\":443,\"publisher\":{\"@id\":\"https:\/\/techcavit.com\/#organization\"},\"keywords\":[\"News\",\"Ransomware\",\"Security\"],\"articleSection\":[\"News\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\",\"url\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\",\"name\":\"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit\",\"isPartOf\":{\"@id\":\"https:\/\/techcavit.com\/#website\"},\"datePublished\":\"2021-02-06T11:32:41+00:00\",\"dateModified\":\"2021-02-06T11:37:13+00:00\",\"description\":\"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same\",\"breadcrumb\":{\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"TechCavit\",\"item\":\"https:\/\/techcavit.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/techcavit.com\/#website\",\"url\":\"https:\/\/techcavit.com\/\",\"name\":\"TechCavit\",\"description\":\"Technology News At Its Finest\",\"publisher\":{\"@id\":\"https:\/\/techcavit.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/techcavit.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/techcavit.com\/#organization\",\"name\":\"TechCavit\",\"url\":\"https:\/\/techcavit.com\/\",\"sameAs\":[\"https:\/\/instagram.com\/techcavit\",\"https:\/\/facebook.com\/techcavit\",\"https:\/\/twitter.com\/techcavit\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/techcavit.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/techcavit.com\/wp-content\/uploads\/2019\/01\/TC.png\",\"contentUrl\":\"https:\/\/techcavit.com\/wp-content\/uploads\/2019\/01\/TC.png\",\"width\":500,\"height\":500,\"caption\":\"TechCavit\"},\"image\":{\"@id\":\"https:\/\/techcavit.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/techcavit.com\/#\/schema\/person\/198cfe47a2c1895c70ee2c5c5a9a5e59\",\"name\":\"Steve Stone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/techcavit.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b476477ac2065a965825cdd0c8b6b06c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b476477ac2065a965825cdd0c8b6b06c?s=96&d=mm&r=g\",\"caption\":\"Steve Stone\"},\"description\":\"Steve is a finance management technology graduate with a liking for the fintech space and blockchain industry. Contact: Steve.stone [at] techcavit.com\",\"url\":\"https:\/\/techcavit.com\/author\/steve-stone\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit","description":"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/","og_locale":"en_US","og_type":"article","og_title":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit","og_description":"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same","og_url":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/","og_site_name":"TechCavit","article_publisher":"https:\/\/facebook.com\/techcavit","article_published_time":"2021-02-06T11:32:41+00:00","article_modified_time":"2021-02-06T11:37:13+00:00","og_image":[{"width":1200,"height":700,"url":"https:\/\/techcavit.com\/wp-content\/uploads\/2021\/02\/4-of-2020s-Biggest-Ransomware-Strains-Linked-to-Majority-of-Attacks.jpg","type":"image\/jpeg"}],"author":"Steve Stone","twitter_card":"summary_large_image","twitter_creator":"@techcavit","twitter_site":"@techcavit","twitter_misc":{"Written by":"Steve Stone","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#article","isPartOf":{"@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/"},"author":{"name":"Steve Stone","@id":"https:\/\/techcavit.com\/#\/schema\/person\/198cfe47a2c1895c70ee2c5c5a9a5e59"},"headline":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks","datePublished":"2021-02-06T11:32:41+00:00","dateModified":"2021-02-06T11:37:13+00:00","mainEntityOfPage":{"@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/"},"wordCount":443,"publisher":{"@id":"https:\/\/techcavit.com\/#organization"},"keywords":["News","Ransomware","Security"],"articleSection":["News","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/","url":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/","name":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks - TechCavit","isPartOf":{"@id":"https:\/\/techcavit.com\/#website"},"datePublished":"2021-02-06T11:32:41+00:00","dateModified":"2021-02-06T11:37:13+00:00","description":"The four most prominent ransomware strains of 2020, Maze, Egregor, SunCrypt, and Doppelpaymer have connections that lead back to the same","breadcrumb":{"@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/techcavit.com\/4-of-2020s-biggest-ransomware-strains-linked-to-majority-of-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"TechCavit","item":"https:\/\/techcavit.com\/"},{"@type":"ListItem","position":2,"name":"4 of 2020\u2019s Biggest Ransomware Strains Linked to Majority of Attacks"}]},{"@type":"WebSite","@id":"https:\/\/techcavit.com\/#website","url":"https:\/\/techcavit.com\/","name":"TechCavit","description":"Technology News At Its Finest","publisher":{"@id":"https:\/\/techcavit.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/techcavit.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/techcavit.com\/#organization","name":"TechCavit","url":"https:\/\/techcavit.com\/","sameAs":["https:\/\/instagram.com\/techcavit","https:\/\/facebook.com\/techcavit","https:\/\/twitter.com\/techcavit"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techcavit.com\/#\/schema\/logo\/image\/","url":"https:\/\/techcavit.com\/wp-content\/uploads\/2019\/01\/TC.png","contentUrl":"https:\/\/techcavit.com\/wp-content\/uploads\/2019\/01\/TC.png","width":500,"height":500,"caption":"TechCavit"},"image":{"@id":"https:\/\/techcavit.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/techcavit.com\/#\/schema\/person\/198cfe47a2c1895c70ee2c5c5a9a5e59","name":"Steve Stone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techcavit.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b476477ac2065a965825cdd0c8b6b06c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b476477ac2065a965825cdd0c8b6b06c?s=96&d=mm&r=g","caption":"Steve Stone"},"description":"Steve is a finance management technology graduate with a liking for the fintech space and blockchain industry. Contact: Steve.stone [at] techcavit.com","url":"https:\/\/techcavit.com\/author\/steve-stone\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/posts\/960"}],"collection":[{"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/comments?post=960"}],"version-history":[{"count":0,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/posts\/960\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/media\/961"}],"wp:attachment":[{"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/media?parent=960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/categories?post=960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techcavit.com\/wp-json\/wp\/v2\/tags?post=960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}