The number of Internet users that encountered encrypting ransomware attacks perpetuated by cybercriminals grew about 2.6 times reaching 821,865 people in Q3 2016, Kaspersky Lab quarterly IT threat evolution report says.
Encrypting ransomware is a malware that encrypts a victim’s files and demands a ransom in exchange for file decryption. It is still one of the most widespread types of activity which modern cybercriminals are involved in. It has a relatively low development cost and can yield a potentially high income if it results in successful infection, Kaspersky Lab said in a statement sent to techTV.ph..
Besides increasing their number of victims, criminals are also exploring new geographies.
According to the report: “In Q3 the top five countries with the highest percentage of users attacked with encrypting ransomware were: Japan (4.83%), Croatia (3.71%), South Korea (3.36%), Tunisia (3.22%) and Bulgaria (3.2%).”
In the previous quarter, first place was held by Japan, while the second, third and fourth were held by Italy, Djibouti and Luxembourg. These three countries left the top five in Q3 to give way to others.
“Crypto ransomware continues to be one of the most dangerous threats, both to private users and to businesses. The recent jump in the number of attacked users may have been provoked by the fact that the number of modifications of ransomware we detected in Q3 – more than 32 thousand modifications – was 3.5 times more than in Q2,” said Fedor Sinitsyn, ransomware expert at Kaspersky Lab.
“This may be due to the fact that security companies nowadays invest a lot of resources into being able to detect new samples of ransomware as fast as possible. Criminals must therefore avoid detection by creating more new modifications of their malware,” said Fedor Sinitsyn, ransomware expert at Kaspersky Lab,” Sinitsyn said.
The other key findings of the ‘IT Threat Evolution in Q3 Report’ include:
- According to KSN data, in Q3 Kaspersky Lab solutions detected and repelled a total of 171,802,109 malicious attacks from online resources located all over the world. This is slightly fewer than in the previous quarter, when 171,895,830 attacks were blocked.
- Of these, 45,169,524 were malicious URLs hosting 12,657,673 malicious objects like scripts, exploits, executable files etc.
- The number of users attacked with banking malware grew by 5.8% and reached 1,198,264.
- Browsers and Android OS remain the most frequently attacked software when it comes to exploits. 45% of exploits detected by Kaspersky Lab were aimed at browsers, and 19% of these malicious programs were built to exploit weaknesses in the popular Android mobile operating system.
More information about the most significant changes in the cyberthreat landscape from July to September 2016 can be accessed at the full “IT Threat Evolution in Q3 2016 Report” on Securelist.com.
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.