More than 16,017 new ransomware modifications detected

A Trojan-Ransom can be equally successful in both private and corporate attacks.

Update: 2019-08-22 10:31 GMT
The group has continued its activity - despite the arrest last year of alleged group leaders - implementing sophisticated spear-phishing campaigns throughout 2018 and distributing malware to each target through specially tailored emails.

Kaspersky researchers detected 16,017 new ransomware modifications in Q2 2019 – including ones belonging to eight new malware families. This is more than double the number of new samples detected a year ago, in Q2 2018 (7,620). The Kaspersky IT Threat Evolution Q2 2019 report also highlights that more than 230,000 users were attacked during the quarter, along with other key findings.

A Trojan-Ransom can be equally successful in both private and corporate attacks, as its functionality is simple yet highly effective. These Trojans encrypt files on a user’s computer and demand a ransom for the files to be released. The increase in malicious modifications and the appearance of new families is a dangerous sign that criminal activity is intensifying, with new malware versions emerging.

The second quarter of the year experienced a high number of infection attempts. According to Kaspersky data, 232,292 unique users were targeted by such attacks – 46 per cent more than a year ago, in Q2 2018 (158,921). The countries with the largest share of attacked users were Bangladesh (9 per cent), Uzbekistan (6 per cent) and Mozambique (4 per cent).

The ransomware family that attacked users most often in Q2 2019 (23.4 per cent cases) was still WannaCry. Even though Microsoft released a patch for its operating system to close the vulnerability exploited by the ransomware two months prior to the start of the widespread and destructive attacks two years ago, it still remains in the wild. Another major actor was Gandcrab with 13.8 per cent share, despite its creators announcing that GandCrab wasn’t going to be distributed from the second half of the quarter.

To reduce the risk of infection, Kaspersky advises private users to:

  • Always update your operating system to eliminate recent vulnerabilities and use a robust security solution with updated databases
  • Not pay the ransom if you find your files have been encrypted with cryptomalware. This will only encourage cybercriminals to continue and infect more people’s devices. It is better to find a decryptor on the internet – some are available for free here -> Free Decryptors.
  • Always have fresh backup copies of your files, so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on the device but also in cloud storage for greater reliability.
Tags:    

Similar News