Ransomware has overtaken news about APT attacks to become the main topic of the quarter. According to Kaspersky Lab’s Q1 malware report, the company’s experts detected 2,900 new malware modifications during the quarter, an increase of 14 percent on the previous quarter. Kaspersky Lab’s database now includes about 15 thousand ransomware modifications and the number continues to grow.
In the first quarter of 2016, Kaspersky Lab security solutions saved 372,602 users from ransomware attacks, 17 percent of those attacked were in the corporate sector. The number of attacked users increased by 30 percent compared to Q4, 2015.
One of the most famous and widespread ransomware in Q1, 2016 was Locky. Kaspersky Lab products detected attempts to infect users with this Trojan in 114 countries, and as of early May 2016 it remains active. Another ransomware called Petya was interesting from a technical perspective because of its ability not only to encrypt data stored on the computer, but also to overwrite the hard disk drive's master boot record (MBR), leaving infected computers unable to boot into the operating system. According to Kaspersky Lab detections the top three ransomware families in Q1 were: Teslacrypt (58.4%), CTB-Locker (23.5%), and Cryptowall (3.4%). All three propagate mainly through spam emails with malicious attachments or links to infected web pages.
“One of the reasons why ransomware has become so popular lies in the simplicity of the business model used by cybercriminals. Once the ransomware gets into the users’ system there is almost no chance of getting rid of it without losing personal data. Also, the demand to pay the ransom in bitcoins makes the payment process anonymous and almost untraceable which is very attractive to fraudsters. Another threatening trend is the Ransomware-as-a-Service (RaaS) business model where cybercriminals pay a fee for the propagation of malware or promise a percentage of the ransom paid by an infected user,” says Aleks Gostev, Chief Security Expert in the Global Research and Analysis Team (GReAT).
There is a further reason for the rise in ransomware attacks: users believe the threat is unbeatable. Businesses and individuals are not aware of the technology countermeasures that could help to prevent infection and the locking of files or systems; and by ignoring basic IT Security rules they allow cybercriminals and others to profit.
Alongside an overview of the major ransomware outbreaks, Kaspersky Lab has counted the overall level of cyberthreats in Q1 2016 globally.
According to Kaspersky Security Network data, the malware landscape in Q1 2016 was the following:
Major mobile cyberthreats in Q1 were:
The full Q1 cyberthreats report is available at securelist.com.
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.