PREVIOUS ARTICLENEXT ARTICLE
NEWS
By 19 August 2019 | Categories: news

0

16 017. That’s the number of new ransomware modifications that have been detected by Kaspersky in the second quarter of this year. Even more disturbing is that it is more than double the number of new samples detected a year ago, in Q2 2018 (7 620). As well, the new ransomware variants were found to belong to eight new malware families by the Kaspersky IT Threat Evolution Q2 2019 report.

Bringing the number home to a more personal level, the report revealed that more than 230 000 users were attacked during the second quarter of the year.

Kaspersky further unpacked a particular type of ransomware called a Trojan Ransom. This, it explained, can be equally successful in both private and corporate attacks, as its functionality is simple yet highly effective. These Trojans encrypt files on a user’s computer and demand a ransom for the files to be released.

So why should these numbers give you pause? Well, because the increase in malicious modifications and the appearance of new families is a dangerous sign that criminal activity is intensifying, with new malware versions emerging, according to Kaspersky.

The second quarter of 2019 was not a good time for cybercrime victims, who, appparently experienced a high number of infection attempts. According to Kaspersky data, 232 292 unique users were targeted by such attacks – 46% more than a year ago, in Q2 2018 (158 921). The only good news in that is that South African were not the most frequent victims. Rather, the countries with the largest share of attacked users were Bangladesh (9%), Uzbekistan (6%) and Mozambique (4%).

The bad news is that two years later WannaCry is still alive and kicking, earning the honour of being   the ransomware family that attacked users most often in Q2 2019 (23.4% cases). According to Kaspersky, this is despite the fact that Microsoft released a patch for its operating system to close the vulnerability exploited by the ransomware two months prior to the start of the widespread and destructive attacks two years ago. Alas, WannaCry still remains in the wild.

But WannaCry is not the only unexpected threat to watch out for. Another major actor was Gandcrab with 13.8% share, despite its creators announcing that GandCrab wasn’t going to be distributed from the second half of the quarter.

“In this quarter we observed an increase in the number of new ransomware modifications, even though the Gandcrab family closed down in early June. The GandCrab ransomware family has long been one of the most popular cryptors amongst cybercriminals. For more than 18 months it has stayed in the list of the most rampant ransomware families we detect, but even its decline did not lower the statistics, as there are still other numerous widespread Trojans,” explained Fedor Sinitsyn, security researcher at Kaspersky.

“The GandCrab case is a good illustration of how effective ransomware can be, with its creators stopping their malicious activity after claiming they made a tremendous amount of money by extorting funds from their victims. We expect new actors to replace GandCrab and urge everyone to protect their devices by installing software updates regularly and choosing a reliable security solution,” he continued.  

As disturbing as the news is, no-one is going to cease connecting to the internet, or throw Wi-Fi away. So instead, Kaspersky offered three pieces of advice to reduce the risk of infection:

  • Always update your operating system to eliminate recent vulnerabilities and use a robust security solution with updated databases
  • Do not pay the ransom if you find your files have been encrypted with cryptomalware. This will only encourage cybercriminals to continue and infect more people’s devices. It is better to find a decryptor on the internet – some are available for free here: https://noransom.kaspersky.com/
  • Always have fresh backup copies of your files, so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on the device but also in cloud storage for greater reliability.

USER COMMENTS

Read
Magazine Online
TechSmart.co.za is South Africa's leading magazine for tech product reviews, tech news, videos, tech specs and gadgets.
Start reading now >
Download latest issue

Have Your Say


What new tech or developments are you most anticipating this year?
New smartphone announcements (43 votes)
Technological breakthroughs (27 votes)
Launch of new consoles, or notebooks (14 votes)
Innovative Artificial Intelligence solutions (27 votes)
Biotechnology or medical advancements (21 votes)
Better business applications (132 votes)