The first quarterly threat report of the year shows growing need to be Ransom Aware
The first quarterly threat report of the year shows growing need to be Ransom Aware
Woburn, MA – May 5, 2016 –Kaspersky Lab has today published its Q1 IT Threat Evolution Report, which reported that 2,900 new ransomware malware modifications were detected during the quarter, which is an increase of 14 percent on the previous quarter. In addition, the number of attempted ransomware attacks increased by 30 percent.
During the quarter, Kaspersky Lab security solutions prevented 372,602 ransomware attacks on users, 17 percent of which targeted the corporate sector. The Company’s database now includes about 15,000 ransomware modifications and the number continues to grow.
Along with an overall increase in the amount of ransomware detected, company researchers came across various pieces of ransomware throughout the first quarter. This includes for example the widespread ransomware, Locky. Kaspersky Lab products detected attempts to infect users with this Trojan in 114 countries, and as of early May 2016 it remains active. Another ransomware called Petya was discovered, which not only encrypts data stored on the computer, but also overwrites the hard disk drive's master boot record (MBR), leaving infected computers unable to boot into the operating system. In addition, Kaspersky Lab detected that the top three ransomware families in Q1 were: Teslacrypt (58.4%), CTB-Locker (23.5%), and Cryptowall (3.4%). All three propagate mainly through spam emails with malicious attachments or links to infected web pages.
“One of the reasons why ransomware has become so popular lies in the simplicity of the business model used by cybercriminals. Once the ransomware gets into the users’ system there is almost no chance of getting rid of it without losing personal data. Also, the demand to pay the ransom in bitcoins makes the payment process anonymous and almost untraceable which is very attractive to fraudsters. Another threatening trend is the Ransomware-as-a-Service (RaaS) business model where cybercriminals pay a fee for the propagation of malware or promise a percentage of the ransom paid by an infected user,” says Aleks Gostev, Chief Security Expert in the Global Research and Analysis Team, Kaspersky Lab.
Alongside an overview of the major ransomware outbreaks, Kaspersky Lab has counted the overall level of cyber threats in Q1 of 2016 globally.
According to Kaspersky Security Network (KSN) data, the malware landscape in Q1 2016 was the following:
· Kaspersky Lab products blocked a total of 228 million malicious attacks on computers and mobile devices.
· 21.2 percent of Internet users faced web-based attacks at least once, which is 1.5 percent lower than in Q4 of 2015.
· 44.5 percent of Kaspersky Lab solutions users faced a malicious threat at least once, which is a 0.8 percent increase on Q4 of 2015.
· Kaspersky Lab solutions protected 459,970 users from cybercriminals’ fraudulent attempts to access online banking services and steal their money. This is a 23 percent decrease compared with the previous quarter.
· Cybercriminals continued to use vulnerabilities in Adobe Flash Player (6%), Microsoft Office (10%) and Java (8%) to propagate malware.
Major mobile cyberthreats in Q1 were:
· The share of adware in overall mobile threats in Q1 equals 42.7 percent, which made adware the leading mobile threat. We observed a 13 percent increase on the previous quarter.
· 4,146 new mobile Trojans were detected which is 1.7 times more than in the previous quarter. Also, the number of detected SMS-Trojans continues to increase.
· The number of new mobile ransomware has increased 1.4 times, from 1,984 in Q4 of 2015 to 2,895 in Q1 of 2016.
· China became the most attacked country: 40 percent of Kaspersky Lab security solutions users in this country have faced a mobile threat. Also on this list are Bangladesh (28%) and Uzbekistan (21%). On the other hand, the safest countries were Taiwan (2.9%), Australia (2.7%) and Japan (0.9%).
The full Q1 cyberthreats report is available at securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.
Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Media Contact
Sarah Kitsos
781.503.2615
sarah.kitsos@kaspersky.com