Royal ransomware is on the rise as operators have embraced partial encryption to evade detection, a newer technique that’s becoming a trend among other ransomware gangs.
The evasion tactics of Royal ransomware were detailed in new research Wednesday by Cybereason security operations analyst Mark Tsipershtein; Eli Salem, security and malware researcher; and Alon Laufer, senior security analyst. Active since early 2022, Royal operators behind the strain were observed using multi-threaded ransomware to accelerate the encryption process, as well as a “unique approach” to evade detection.
Though it is one of the newer gangs to emerge, Royal ransomware is quickly becoming a prolific threat that’s only gaining momentum. The group even garnered a government warning to the healthcare sector earlier this month, “due to the historical nature of ransomware victimizing the healthcare community.”