跳到主体内容

Non-Stop: The Number of Users Attacked with Encrypting Ransomware Grew 2.6 Times in Q3 2016

2016年11月3日

The number of Internet users that encountered encrypting ransomware more than doubled in Q3 2016, reaching 821 865 people, according to the Kaspersky Lab quarterly IT threat evolution report.

The number of Internet users that encountered encrypting ransomware more than doubled in Q3 2016, reaching 821 865 people, according to the Kaspersky Lab quarterly IT threat evolution report. The number of people attacked has now risen for the third quarter in the row.   

Encrypting ransomware – malware that encrypts a victim’s files and demands a ransom in exchange for file decryption – is still one of the most widespread types of activity which modern cybercriminals are involved in. It has a relatively low development cost and can yield a potentially high income if it results in successful infection.

Besides increasing their number of victims, criminals are also exploring new geographies. In Q3 the top five countries with the highest percentage of users attacked with encrypting ransomware were: Japan (4.83%), Croatia (3.71%), South Korea (3.36%), Tunisia (3.22%) and Bulgaria (3.2%). In the previous quarter, first place was held by Japan, while the second, third and fourth were held by Italy, Djibouti and Luxembourg. These three countries left the top five in Q3 to give way to others.

The main driver of growth in the number of attacked users was Trojan-Downloader.JS.Cryptoload – a family of downloaders written in the JavaScript language and capable of downloading different families of crypto ransomware. The most widespread of these in Q3 included CTB-Locker (28.34% of attacked users), Locky (9.6%) and CryptXXX (8.95%).

“Crypto ransomware continues to be one of the most dangerous threats, both to private users and to businesses. The recent jump in the number of attacked users may have been provoked by the fact that the number of modifications of ransomware we detected in Q3 – more than 32 thousand modifications – was 3.5 times more than in Q2. This may be due to the fact that security companies nowadays invest a lot of resources into being able to detect new samples of ransomware as fast as possible. Criminals must therefore avoid detection by creating more new modifications of their malware,” - said Fedor Sinitsyn, ransomware expert at Kaspersky Lab.

The other key findings of the ‘IT Threat Evolution in Q3 Report’ include:

  • According to KSN data, in Q3 Kaspersky Lab solutions detected and repelled a total of 171,802,109 malicious attacks from online resources located all over the world. This is slightly fewer than in the previous quarter, when 171,895,830 attacks were blocked.
  • Of these, 45,169,524 were malicious URLs hosting 12,657,673 malicious objects like scripts, exploits, executable files etc.
  • The number of users attacked with banking malware grew by 5.8% and reached 1,198,264.
  • Browsers and Android OS remain the most frequently attacked software when it comes to exploits. 45% of exploits detected by Kaspersky Lab were aimed at browsers, and 19% of these malicious programs were built to exploit weaknesses in the popular Android mobile operating system.

To learn more about the most significant changes in the cyberthreat landscape from July to September 2016, read the full version of ‘IT Threat Evolution in Q3 2016 Report’ that includes two parts: Overview and Statistics.

Non-Stop: The Number of Users Attacked with Encrypting Ransomware Grew 2.6 Times in Q3 2016

The number of Internet users that encountered encrypting ransomware more than doubled in Q3 2016, reaching 821 865 people, according to the Kaspersky Lab quarterly IT threat evolution report.
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻