Saturday, October 16, 2021

Ransomware detections more than double on Kaspersky network

More evidence about the rapid spread of ransomware comes from the latest quarterly IT threat survey from Kaspersky Lab, which said this week that the number of Internet users that encountered ransomware more than doubled in the third quarter of this year compared to Q2.

It’s the third quarterly increase in a row, a testament to how much criminals like ransomware for pulling in money, as well as to how far behind security awareness training is among users.

The company said more than 821,860 were hit by the malware among those in the Kaspersky Security Network, which includes customers of its own and other antivirus service providers. The numbers come from customers that agreed to provide them.

“Crypto ransomware continues to be one of the most dangerous threats, both to private users and to businesses,” Fedor Sinitsyn, ransomware expert at Kaspersky Lab. said in a statement. “The recent jump in the number of attacked users may have been provoked by the fact that the number of modifications of ransomware we detected in Q3 – more than 32,000 modifications – was 3.5 times more than in Q2. This may be due to the fact that security companies nowadays invest a lot of resources into being able to detect new samples of ransomware as fast as possible. Criminals must therefore avoid detection by creating more new modifications of their malware.”

The main driver of growth in the number of attacked users was Trojan-Downloader.JS.Cryptoload,” Kaspersky said. It’s a family of downloaders written in JavaScript and capable of downloading different families of crypto ransomware. The most widespread of these in Q3 included CTB-Locker (28.34 per cent of attacked users), Locky (9.6 per cent) and CryptXXX (8.95 per cent).

The other key findings of the ‘IT Threat Evolution in Q3 Report’ include:

  • 45 million malicious URLs were detected in the quarter, which hosted malicious objects like scripts, exploits, executable files etc.
  • The number of users attacked with banking malware grew by 5.8 per cent and reached 1,198,264.
  • Browsers and Android OS remain the most frequently attacked software when it comes to exploits. Forty-five per cent of exploits detected by Kaspersky Lab were aimed at browsers, and 19 per cent of these malicious programs were built to exploit weaknesses in the popular Android mobile operating system.

During the quarter the Pokemon GO game was released. If that didn’t give CSOs nightmares when hackers added malicious code to the original app which spread through third-party stores, criminals found another vehicle: Publishing an infected guide for the game in the official Google Play store. The app was an advertising Trojan capable of gaining root access to a device by exploiting vulnerabilities in the system.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Related Tech News