Ransomware Infections Grew 14 Percent in Early 2016, April the Worst Month

A

Alkajak

Thread author
ransomware-infections-grew-14-percent-in-early-2016-april-the-worst-month-503743-3.png


To nobody's surprise, two separate security firms and the FBI are warning companies about an increase in ransomware infections, which took a sharp turn at the start of 2016, reaching record levels during the past month.

According to Kaspersky's Q1 IT Threat Evolution Report, the security firm detected 2,900 new ransomware variants (modifications), which represented a 14 percent increase compared to the previous quarter.

Kaspersky says that its malware database now includes about 15,000 ransomware modifications, which means that, during the past three months, the company detected about 20 percent of its entire database.

Additionally, the company explains that, in the first three months of the year, its security products detected and stopped 372,602 ransomware attacks, of which 17 percent were against corporate targets.

April was a nightmare month when it came to ransomware detections
Kaspersky's findings are also doubled by statistics from the Enigma Software Group (ESG), who also has reported today that, in February, they saw a 19.37 percent increase over January in terms of detected ransomware attacks.

Additionally, the company reported that March had a 9.46% increase over February, and the number of detected ransomware attacks more than doubled in April, compared to those in March. ESG reports a 158.87 percent spike.

[...]

Read Article: Ransomware Infections Grew 14 Percent in Early 2016, April the Worst Month
 
Last edited by a moderator:

omidomi

Level 71
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,008
Ransomware has overtaken news about APT attacks to become the main topic of the quarter. According to Kaspersky Lab’s Q1 malware report, the company’s experts detected 2,900 new malware modifications during the quarter, an increase of 14 per cent on the previous quarter. Kaspersky Lab’s database now includes about 15,000 ransomware modifications, and the number continues to grow.

In the first quarter of 2016, Kaspersky Lab security solutions prevented 376,602 ransomware attacks on users, 17 per cent of which targeted the corporate sector. The number of attacked users increased by 30 per cent compared to Q4, 2015.

One of the most famous and widespread ransomware in Q1, 2016 was Locky. Kaspersky Lab products detected attempts to infect users with this Trojan in 114 countries, and as of early May 2016, it remains active. Another ransomware called Petya was interesting from a technical perspective because of its ability to not only encrypt data stored on the computer, but also to overwrite the hard disk drive’s master boot record (MBR), leaving infected computers unable to boot into the operating system. According to Kaspersky Lab detections, the top three ransomware families in Q1 were: Teslacrypt (58.4 per cent), CTB-Locker(23.5 per cent) and Cryptowall (3.4 per cent). All three propagate mainly through spam emails with malicious attachments or links to infected web pages.

“One of the reasons why ransomware has become so popular lies in the simplicity of the business model used by cybercriminals. Once the ransomware gets into the users’ system there is almost no chance of getting rid of it without losing personal data. Also, the demand to pay the ransom in bitcoins makes the payment process anonymous and almost untraceable which is very attractive to fraudsters. Another threatening trend is the Ransomware-as-a-Service (RaaS) business model where cybercriminals pay a fee for the propagation of malware or promise a percentage of the ransom paid by an infected user,” says Aleks Gostev, Chief Security Expert in the Global Research and Analysis Team (GReAT).

There is a further reason for the rise in ransomware attacks: users believe the threat is unbeatable. Businesses and individuals are not aware of the technology countermeasures that could help to prevent infection and the locking of files or systems; and by ignoring basic IT Security rules they allow cybercriminals and others to profit.

Alongside an overview of the major ransomware outbreaks, Kaspersky Lab has counted the overall level of cyberthreats in Q1 2016 globally.

According to Kaspersky Security Network data, the malware landscape in Q1 2016 was the following:

  • Kaspersky Lab products blocked a total of 228 million malicious attacks on computers and mobile devices.
  • 21.2 per cent of Internet users faced web-based attacks at least once, which is 1.5 per cent lower than in Q4, 2015.
  • 44.5 per cent of Kaspersky Lab solutions users faced a malicious threat at least once, which is a 0.8 per cent increase on Q4, 2015.
  • Kaspersky Lab solutions protected 459,970 users from cybercriminals’ fraudulent attempts to access online banking services and steal their money. This is a 23 per cent decrease compared with the previous quarter.
  • Cybercriminals continued to use vulnerabilities in Adobe Flash Player, Internet Explorer and Java to propagate malware. Less frequently, they used exploits for Java – according to our statistics this has decreased by 3.3 per cent on Q4, 2015 and equals eight per cent of overall exploit statistics for Q1. The same statistics registered an increased use of vulnerabilities in Flash (a rise of one per cent, which is six per cent in total) and Microsoft Office (an increase of ten per cent, which is 15 per cent in total).
Major mobile cyberthreats in Q1 were:

  • The share of adware in overall mobile threats in Q1 equals 42.7 per cent which made adware the leading mobile threat. We observed a 13 per cent increase on the previous quarter.
  • 4,146 new mobile Trojans were detected which is 1.7 times more than in the previous quarter. Also, the number of detected SMS-Trojans continues to increase.
  • The number of new mobile ransomware has increased 1.4 times, from 1,984 in Q4, 2015 to 2,895 in Q1, 2016.
  • China became the most attacked country: 40 per cent of Kaspersky Lab security solutions users in this country have faced a mobile threat. Also on this list are Bangladesh (28 per cent) and Uzbekistan (21 per cent). On the other hand, the safest countries were Taiwan (2.9 per cent), Australia (2.7 per cent) and Japan (0.9 per cent).
The full Q1 cyberthreats report is available at Securelist.com.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top