From the beginning of 2024 to mid-2025, there were 2,848 successful hacker attacks on organizations in Russia using malicious software. In 65% of cases, ransomware, Trojans, remote control programs, spyware, and data deletion viruses were used. This was reported to journalists by a representative of Positive Technologies.
According to him, attackers have changed their strategy recently. Previously, they encrypted data, but now they have begun to focus on downloading information. This way they can achieve ransom faster.
According to Alexey Vishnyakov, Technical Director of the Solar 4RAYS Cyber Threat Research Center, hackers used to actively encrypt data. Now it has become more difficult for attackers to make a profit. More and more organizations are refusing to pay ransom. The fact is that there are no guarantees of data recovery.
The emphasis in extortion is shifting from data decryption to the threat of disclosing stolen information and maintaining remote access to systems, experts added.
Read more on the topic:
Russian hackers stole data from the US Federal Court system
Hackers often use legitimate software in attacks to disguise themselves from antiviruses
Vulnerabilities in the WinRar archiver began to be used for hidden attacks
