Threat actors have also been moving to customized ransomware-as-a-service campaigns from mass-spread campaigns, as they seek larger targets, according to McAfee.
"We first saw them [cybercriminals] use ransomware to extract small payments from millions of individual victims. Today, we see Ransomware as a Service supporting many players in these illicit schemes holding organizations hostage and extorting massive sums for the criminals," said Raj Samani, fellow and chief scientist at McAfee.
Despite increased threat volumes, McAfee found that ransomware attacks dropped by 50% in the first quarter, with REvil, RansomeXX and Ryuk being the most commonly detected ransomware strains. Meanwhile, cryptomining malware increased by 117%, which McAfee links to 64-bit mining app availability.