URLs now top ransomware vector


By Dylan Bushell-Embling
Wednesday, 02 August, 2023

URLs now top ransomware vector

URLs have emerged as the leading method of delivering ransomware to victims, according to research from Palo Alto Networks’ Unit 42.

The research found that URL or web browsing has taken over from email attachments as the most widely used channel for distributing ransomware since 2021, with URLs accounting for over 77% of cases analysed by the company.

Third party apps are the next most common method, responsible for 8.2% of cases, followed by SMPT- (6.4%) and POP3- (4.2%) based email attachments.

Meanwhile the Lazy and Virlock ransomware families are dominating in terms of ransomware traffic, accounting for over 50% of ransomware observed during the last quarter of 2022.

During the quarter, Palo Alto detected over 27,000 unique URLs and hostnames hosting ransomware. Based on an analysis of 7000 random samples from the ransomware hosting URLs, Palo Alto estimates that more than 20% of malicious URLs remain active days or weeks after being detected.

The .com top level domain dominates in terms of compromised or malicious websites, but attackers are increasingly utilising country code top level domains including .ru (Russia) and .cn (China).

Palo Alto noted that since its inception in October, the Palo Alto Networks Advanced URL Filtering and DNS Security product releases have automatically blocked over 2000 sessions involving ransomware URLs daily. Over 49% of these are blocked from customers’ traffic before reaching their devices.

Image credit: iStock.com/olaser

Related News

Lack of leadership buy-in biggest obstacle to digital trust: report

A new report from ISACA says that many organisations say that in five years digital trust will be...

Lack of customer confidence affecting security strategies: report

A survey from LogRhythm finds three-quarters of ANZ companies changed their security strategy...

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd