Ransomware detections more than double on Kaspersky network

More evidence about the rapid spread of ransomware comes from the latest quarterly IT threat survey from Kaspersky Lab, which said this week that the number of Internet users that encountered ransomware more than doubled in the third quarter of this year compared to Q2.

It’s the third quarterly increase in a row, a testament to how much criminals like ransomware for pulling in money, as well as to how far behind security awareness training is among users.

The company said more than 821,860 were hit by the malware among those in the Kaspersky Security Network, which includes customers of its own and other antivirus service providers. The numbers come from customers that agreed to provide them.

“Crypto ransomware continues to be one of the most dangerous threats, both to private users and to businesses,” Fedor Sinitsyn, ransomware expert at Kaspersky Lab. said in a statement. “The recent jump in the number of attacked users may have been provoked by the fact that the number of modifications of ransomware we detected in Q3 – more than 32,000 modifications – was 3.5 times more than in Q2. This may be due to the fact that security companies nowadays invest a lot of resources into being able to detect new samples of ransomware as fast as possible. Criminals must therefore avoid detection by creating more new modifications of their malware.”

The main driver of growth in the number of attacked users was Trojan-Downloader.JS.Cryptoload,” Kaspersky said. It’s a family of downloaders written in JavaScript and capable of downloading different families of crypto ransomware. The most widespread of these in Q3 included CTB-Locker (28.34 per cent of attacked users), Locky (9.6 per cent) and CryptXXX (8.95 per cent).

The other key findings of the ‘IT Threat Evolution in Q3 Report’ include:

  • 45 million malicious URLs were detected in the quarter, which hosted malicious objects like scripts, exploits, executable files etc.
  • The number of users attacked with banking malware grew by 5.8 per cent and reached 1,198,264.
  • Browsers and Android OS remain the most frequently attacked software when it comes to exploits. Forty-five per cent of exploits detected by Kaspersky Lab were aimed at browsers, and 19 per cent of these malicious programs were built to exploit weaknesses in the popular Android mobile operating system.

During the quarter the Pokemon GO game was released. If that didn’t give CSOs nightmares when hackers added malicious code to the original app which spread through third-party stores, criminals found another vehicle: Publishing an infected guide for the game in the official Google Play store. The app was an advertising Trojan capable of gaining root access to a device by exploiting vulnerabilities in the system.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now