The ransomware plague is turning into an epidemic, get your Bitcoins ready!
According to Kaspersky, there is a PC and Mobile Ransomware Plague. In a recent report, security firm Kaspersky Lab revealed that ransomware attacks on both PC and mobile devices have risen to epidemic level.
Ransomware is a malware that prevents victims from accessing information on their PC or mobile devices. These malwares encrypt important files or sometimes lock the computer and force the user to pay a ransom in return for gaining back access to their system.
Top Updates about the ransomware plague:
- The total number of users who encountered ransomware between April 2015 and March 2016 rose by 7% compared to the previous 12 months (April 2014 to March 2015) – from 1,967,784 to 2,315,931 users around the world;
- The proportion of users who encountered ransomware at least once out of the total number of users who encountered malware rose 0.7 percentage points, from 3.63% in 2014-2015 to 4.34% in 2015-2016;
- Among those who encountered ransomware, the proportion who encountered cryptors rose dramatically – up 25 percentage points, from 6.6% in 2014-2015 to 31.6% in 2015-2016;
- The number of users attacked with cryptors rose 5.5 times, from 131,111 in 2014- 2015 to 718,536 in 2015-2016;
- The number of users attacked with Win-lockers decreased 13.03%, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016;
- The number of users attacked with mobile ransomware grew almost 4 times: from 35,413 users in 2014-2015 to 136,532 users in 2015-2016.
- The top five countries affected by PC ransomware in 2015 were India (9.6%), the Russian Federation (6.41%), Kazakhstan (5.75%), Italy (5.25%) and Germany (4.26%).
Ransomware is rapidly moving from PC to Mobile, to IoT
The activity of mobile ransomware, although not as widely covered in the media as PC ransomware, also skyrocketed over the period covered by this report. Especially in the second half.
Mobile ransomware also skyrocketed, almost four times, from over 35,000 attacks, for the period of April 2014 to March 2015, to more than 136,500 a year later.
The top five countries affected by mobile ransomware last year were Germany (22.90%), Canada (19.61%), the United Kingdom (16.13%), the United States (15.64%) and Kazakhstan (14.42%).
The number of users encountering mobile ransomware at least once in the period April 2014 to March 2016
Top 10 countries with the highest percentage of mobile users attacked with malware Trojan-Ransom category as a proportion of users attacked with any kind of mobile malware.
“The extortion model is here to stay. Mobile ransomware plague emerged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone,” said Roman Unuchek, mobile security expert at Kaspersky Lab. And any connected device with an Internet address is at risk.
Families of mobile ransomware that users of our products encountered most often.
- In 2014-2015 these were: Pletor, Fusob, Svpeng and Small.
- In 2015-2016, Svpeng significantly reduced its activity hitting just a small share of the attacked users.
At some point during 2014-2015, Svpeng – originally known as a banking malware – was modified by its creators to be able to lock an infected device. Since then we have tracked both versions of Svpeng: the banking one and the ransomware. The ransomware branch gained visibly in popularity during 2014-2015, accounting for 5.64% of users attacked with any malware.
Unlike PC ransomware, which is already relatively widely covered by researchers from different companies, including Kaspersky Lab, mobile ransomware has so far not been researched in depth. In order to address this, we provide a brief description of the most widespread and dangerous mobile ransomware examples as of April 2016.