Kaspersky Lab has released a new report whose findings indicate that crypto-ransomware attacks are on the increase and will not end anytime soon. Ransomware is a type of malware that, upon infecting a device, blocks access to it or to some or all of the information stored on it. In order to unlock either the device or the data, the user is required to pay a ransom, usually in bitcoins or another widely used e-currency. The Kaspersky Lab report covers the evolution of the threat over the last two years.
The main findings of the report were that:
- The total number of users who encountered ransomware between April 2015 and March 2016 rose by 17.7% compared to the previous 12 months (April 2014 to March 2015) – from 1,967,784 to 2,315,931 users around the world;
- The proportion of users who encountered ransomware at least once out of the total number of users who encountered malware rose 0.7 percentage points, from 3.63% in 2014-2015 to 4.34% in 2015-2016;
- Among those who encountered ransomware, the proportion who encountered cryptors rose dramatically – up 25 percentage points, from 6.6% in 2014-2015 to 31.6% in 2015-2016;
- The number of users attacked with cryptors rose 5.5 times, from 131,111 in 2014-2015to 718,536 in 2015-2016;
- The number of users attacked with Win-lockers decreased 13.03%, from 1,836,673 in 2014-2015 to1,597,395 in 2015-2016;
As Kaspersky says “the prevalence of ransomware has been sporadic, rising and falling every few months. The rise in the use of crypto-malware has been more consistent: showing a steady increase in the number of attacked users, particularly from March 2015, before peaking in December 2015.” While blocking and other non-encrypting ranswomware were decreasing, crypto-ransomware attacks were increasing.
Kaspersky also mentions that a short list of suspects was responsible for the attacks. “In the first period, from April 2014 to March 2015, the most actively propagated encryptors were the following groups of malware: CryptoWall, Cryakl, Scatter, Mor, CTB-Locker, TorrentLocker, Fury, Lortok, Aura, and Shade. Between them they were able to attack 101,568 users around the world, accounting for 77.48% of all users attacked with crypto-ransomware during the period.”
Read more here.