Thursday, 3 April 2025
27.3 C
Singapore
31 C
Thailand
20.5 C
Indonesia
28.1 C
Philippines

Hackers use developing countries to test new ransomware strains

Explore how cybercriminals trial new ransomware in developing countries before launching attacks in more developed regions.

You may not be the only one testing in sandboxes and deploying honeypots; hackers are engaging in similar practices, particularly in developing regions of the world. According to a recent report by Performanta, cybercriminals are increasingly selecting developing countries as their testing grounds for new malware strains before they target more developed economies.

Hackers strategically choose developing nations. These regions often have lower cybersecurity awareness and weaker defensive measures, making them ideal initial targets. This tactic allows attackers to refine their methods and malware in a less risky environment. Countries in Africa, Latin America, and Asia frequently fall victim first before these cyber threats escalate to regions like Europe and North America.

This approach not only helps cybercriminals test the effectiveness of their malware but also allows them to adjust their tactics based on initial responses before they target more secure, high-stakes environments.

The spread of cheaper malware

Research indicates that this method has been employed with various strains of malware, including the ransomware variant Medusa. Initially observed in countries such as South Africa, Senegal, and Tonga, Medusa subsequently found its way into systems across the US, UK, Canada, Italy, and France. In 2023 alone, Medusa was responsible for approximately 100 reported attacks.

Experts like Nadir Izrael, Chief Technology Officer at cybersecurity firm Armis, have noted that attackers often discuss exploits for newly discovered vulnerabilities. Earlier this year, cybercriminals were seen testing an exploit on a few servers in less developed countries to gauge its reliability. This testing phase allows attackers to refine their strategies in environments where there is less likelihood of immediate, robust countermeasures.

However, not everyone concurs with this perspective. Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, argued that malware and ransomware variants have become more affordable, enabling hackers in developing countries to initiate their own scaled-down attacks. This affordability factor changes the dynamics of global cybersecurity as it lowers the entry barrier for attackers.

Similarly, Hanah-Marie Darley, Director of Threat Research at Darktrace, suggested that the reduction in the cost of tools like Medusa has led to an increase in attacks in poorer countries. These regions, with their limited cybersecurity budgets and infrastructure, are becoming hotspots for initial malware outbreaks.

As the digital landscape evolves, the strategic deployment of malware in developing countries highlights the complex, global nature of cybersecurity threats. It underscores the need for international cooperation and capacity-building in cybersecurity measures across all nations.

Hot this week

YouTube expands shopping affiliate programme in Singapore through Shopee partnership

YouTube teams up with Shopee to launch its Shopping affiliate programme in Singapore, giving creators new ways to monetise their content.

Garmin launches premium Connect+ plan to boost health and fitness tracking

Garmin introduces Connect+ with AI insights, advanced training tools, and social features to help users reach their health and fitness goals.

Zelle is removing its stand-alone app

Zelle is shutting down its stand-alone app, but you can still use the service through your bankโ€™s app. Hereโ€™s what you need to know.

Apple prepares for M5 iPad Pro and MacBook Pro release

Apple is set to launch the M5 iPad Pro and MacBook Pro in late 2024, with the M6 models expected to introduce an in-house modem in 2027.

Oracle Cloud launches new Compute E6 shapes powered by AMDโ€™s 5th Gen EPYC processors

Oracle Cloud boosts performance with new Compute E6 shapes powered by 5th Gen AMD EPYC processors, now available in key global regions.

YouTube expands shopping affiliate programme in Singapore through Shopee partnership

YouTube teams up with Shopee to launch its Shopping affiliate programme in Singapore, giving creators new ways to monetise their content.

Misconceptions about STEM careers continue to deter young women in Singapore

New research shows stereotypes and lack of support are deterring young women from STEM careers, posing a risk to Singaporeโ€™s innovation goals.

Synagie and HKT launch ShopHK to help Hong Kong brands expand into Southeast Asia

Synagie and HKT launch ShopHK, helping Hong Kong SMEs tap into Southeast Asia's booming US$600 billion e-commerce market.

Informatica introduces new AI features to boost cloud data integration and management

Informatica adds AI tools to simplify data integration and improve enterprise access to AI-ready data across its cloud platform.

Related Articles