A new report from Malwarebytes places Cerber ransomware as the top threat in the ransomware market.
Cerber takes 30% of the ransomware detections while Locky, which came in second, only holds a 5% share.
Cerber is a very popular piece of malware in that it is “pretty powerful ransomware written with attention to detail.” The company touted its “rich customisation options and various tricks to make analysis harder.”
Locky was most popular but by March of 2016, it had become “all but vanished”. Locky was delivered by email and delivered its punch when a victim enabled the macros on an attached document.
Locky might be remembered as the ransomware that affected the breach of the Hollywood Presbyterian Medical Centre for which the hospital had to pay $17,000 to unlock its files.
At the end of 2016, Locky had a 70% share of the market, but by March of 2017, it had dropped to less than two percent.
While “we should all be thankful that one of the most dangerous families of ransomware seems to have vanished for the time being, we do still need to worry about an overpowered and heavily distributed Cerber,” said the report.
The report by MalwareBytes notes that: “since the creators of Cerber continue to develop and sell the ransomware to affiliates, it would likely take interaction from law enforcement to halt operations and shut the ransomware down.”
