The number of Internet users he encountered ransomware encryption programs more than doubled in the third quarter of 2016, touching 821.865 individuals, according to its quarterly report Kaspersky Lab on the evolution of threats in the field of Information Technology.
The number of people who have been assaulted is still rising for the third quarter in the series.
The encryption ransomware, malicious λογισμικό που κρυπτογραφεί τα αρχεία του θύματος και απαιτεί ransom in exchange for decrypting the file, it is still one of the most common types of activities engaged in by modern digital criminals. It has a relatively low development cost and can yield a potentially high income if it leads to a successful "infection".
In addition to increasing the number of their victims, criminals are also exploring new geographical areas. In the third quarter, the five countries with the highest percentage of users attacked with encryption ransomware were Japan (4,83%), Croatia (3,71%), South Korea (3,36%), Tunisia (3,22%) and Bulgaria (3,2%). In the previous quarter, Japan ranks first, while in second, third and fourth place were Italy, Djibouti and Luxembourg respectively. These three countries have left the top five in the third quarter to take their place in others.
The main reason for the increase in the number of attacked users was Trojan-Downloader.JS.Cryptoload, a downloaders family written in JavaScript and capable of downloading different crypto ransomware families. The most common of these in the third quarter include CTB-Locker (28,34% attacked users), Locky (9,6%) and CryptXXX (8,95%).
"The programms crypto ransomware continue to be one of the most dangerous threats, both for individuals users as well as for businesses. H a recent increase in the number of attacked users may have been caused by the fact that the number of modifications to the ransomware programs we detected in the third quarter (more than 32.000 modifications) was 3,5 times higher than in the second quarter. This may be due to the fact that security companies are investing a lot of resources nowadays to be able to detect new samples of ransomware as quickly as possible. Criminals should therefore avoid locating, creating more new malware modifications, Fedor Sinitsyn commented, ransomware expert of Kaspersky Lab.
The other key findings of the IT Threat Evolution in Q3 include:
- According to Kaspersky Security Network data, in the third quarter, Kaspersky Lab's solutions detected and totally eliminated 171.802.109 malicious attacks from online sources across the globe. It is slightly less than the previous quarter, during which 171.895.830 attacks were prevented.
- Of these, 45.169.524 was malicious URLs that hosted 12.657.673 malicious objects such as scripts, exploits, executable files, etc.
- The number of users attacked by bank malware programs increased by 5,8% and rose to 1.198.264 victims.
- Android browsers and Android operating systems remain the software most frequently attacked when it comes to exploits. 45% of exploits detected by Kaspersky Lab were targeted by browsers, and 19% of these malware programs were created to exploit the weaknesses of the popular Android operating system.
For more information on the most significant changes in the landscape of digital threats for July-September 2016, you can read the full report on the dedicated Securelist.com site (survey & Statistical data).
