The number of Internet users he encountered ransomware encryption programs more than doubled in the third quarter of 2016, touching 821.865 individuals, according to its quarterly report Kaspersky Lab on the evolution of threats in the field of Information Technology.
The number of people who have been assaulted is still rising for the third quarter in the series.
Encryption ransomware, malware that encrypts the archives του θύματος και απαιτεί λύτρα σε αντάλλαγμα για την αποκρυπτογράφηση του αρχείου, εξακολουθεί να είναι ένα από τα πιο διαδεδομένα είδη δραστηριοτήτων με το οποίο ασχολούνται οι σύγχρονοι ψηφιακοί εγκληματίες. Έχει ένα σχετικά χαμηλό κόστος ανάπτυξης και μπορεί να αποδώσει ένα δυνητικά υψηλό εισόδημα αν οδηγήσει σε μια επιτυχημένη «μόλυνση».
In addition to increasing the number of their victims, criminals are also exploring new geographical areas. In the third quarter, the five countries with the highest percentage of users attacked with encryption ransomware were Japan (4,83%), Croatia (3,71%), South Korea (3,36%), Tunisia (3,22%) and Bulgaria (3,2%). In the previous quarter, Japan ranks first, while in second, third and fourth place were Italy, Djibouti and Luxembourg respectively. These three countries have left the top five in the third quarter to take their place in others.
Ο βασικός υπαίτιος της αύξησης του αριθμού των χρηστών που δέχτηκαν επίθεση ήταν το Trojan-Downloader.JS.Cryptoload, μια οικογένεια downloaders γραμμένη σε γλώσσα JavaScript και ικανή να «κατεβάζει» διαφορετικές οικογένειες crypto ransomware. Στις πιο διαδεδομένες από αυτές το τρίτο τρίμηνο περιλαμβάνονται το CTB-Locker (28,34% χρηστών που δέχτηκαν επίθεση), το Locky (9,6%) και το CryptXXX (8,95%).
"The programms crypto ransomware continues to be one of the most dangerous threats, both for private users and businesses. H a recent increase in the number of attacked users may have been caused by the fact that the number of modifications to the ransomware programs we detected in the third quarter (more than 32.000 modifications) was 3,5 times higher than in the second quarter. This may be due to the fact that security companies are investing a lot of resources nowadays to be able to detect new samples of ransomware as quickly as possible. Criminals should therefore avoid locating, creating more new malware modifications, commented Fedor Sinitsyn, Kaspersky Lab's expert ransomware.
The other key findings of the IT Threat Evolution in Q3 include:
- According to Kaspersky Security data Network, in the third quarter Kaspersky Lab solutions detected and repelled a total of 171.802.109 malicious attacks from online sources worldwide. They are slightly less than the previous quarter, during which 171.895.830 attacks were blocked.
- Of these, 45.169.524 were malicious URLs hosting 12.657.673 malicious items such as scripts, exploits, executable files, etc.
- The number of users attacked by bank malware programs increased by 5,8% and rose to 1.198.264 victims.
- Android browsers and Android operating systems remain the software most frequently attacked when it comes to exploits. 45% of exploits detected by Kaspersky Lab were targeted by browsers, and 19% of these malware programs were created to exploit the weaknesses of the popular Android operating system.
For more information on the most significant changes in the digital threat landscape for the space July-September 2016, you can read the full report on the dedicated website Securelist.com (survey & Statistical data).
