Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.Here's an overview of our use of cookies, similar technologies and how to manage them.
Most of these double attacks, we're told, happen within 48 hours of each other, and the FBI said it spotted various ransomware families — AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal — being used in this way. "In early 2022, multiple ransomware groups increased use of custom data theft, wiper tools, and malware to pressure victims to negotiate," the FBI wrote in its alert []."In some cases, new code was added to known data theft tools to prevent detection. In other cases in 2022, malware containing data wipers remained dormant until a set time, then executed to corrupt data in alternating intervals.
These changes in the criminal economy are exacerbated by the reality that "organizations move slow" when it comes to security, Hyatt said, making them easy targets for multiple hits. A victim might also still be trying to recover from an infection and improve its defenses when the second wave comes strolling in.