Ransomware in 2017

An end-of-the-year report from US cyber-security firm Malwarebytes reveals that ransomware, adware, and cryptojacking were extremely popular with cyber-criminals in 2017.

Data compiled by the company's security products reveals growth in almost all cyber-crime categories, with 2017 being a very successful year across the board for malware authors, phishers, and other cyber-criminal groups.

Record ransomware volumes in 2017

According to the Malwarebytes' 2017 State of Malware Report, ransomware attacks against consumers went up more than 93% while ransomware attacks against businesses increased 90%.

Of all of 2017, the month of September was the busiest one, while the period between July 2017 and September 2017 saw a 700% increase in ransomware attacks overall, compared to the same period in 2016.

The security firm says that most of the ransomware detections during the past year came for families like WannaCry, Locky, Cerber, and GlobeImposter.

Seeing ransomware among Malwarebytes' top threats of 2017 is no surprise if we remember that 2017 saw three major ransomware outbreaks —WannaCry, NotPetya, BadRabbit— that made tens of thousands of victims worldwide.

Despite this, self-spreading ransomware was not such a big problem, and most infections came from mundane spam campaigns and malvertising/exploit kits.

The ransomware business declined toward the end of the year

While infections continued to grow, Malwarebytes says that towards the end of the year, ransomware's dominance slowly started to wane, as researchers spotted fewer and fewer families and crooks shifted toward other —old and new— malware operations.

At the beginning of the year, the domination that ransomware had over the primary infection vectors made it seem like dealing with ransom malware would be the new norm moving forward. However, trends over the last few months have shown a shift away from ransomware. In fact, many mechanisms for distributing malware have either gone back to the old favorites, like banking Trojans and spyware, or moved onto the newer trend of delivering cryptocurrency miners.

Bleeping Computer also noticed the same thing, as during the past few weeks of 2017, our weekly ransomware write-ups have started to contain lesser and lesser entries, an obvious clue that fewer and fewer malware authors were creating new ransomware strains or deploying them in live campaigns.

As for the rest of the malware scene, here are some of the other key findings from Malwarebytes' 2017 State of Malware Report:

◙  Malwarebytes blocked an average of 8 million cryptojacking (in-browser mining) attempts per day.
◙  The second half of the year marked an average of 102% increase in banking trojan detections.
◙  Adware became the top threat to home users in 2017.
◙  Hijackers became the top threat to businesses users in 2017.
◙  Adware volume is up, but there are fewer adware developers active.
◙  Detections of adware in 2017 showed immense distribution volume, up 132% year-over-year.
◙  Adware now represents almost 40% of our consumer
threat detections,
◙  Exploit kits took a dive while malspam was unleashed.
◙  2017 showed little development for exploit kits.
◙  No new zero-day exploits were used by any of the remaining exploit kits still in the wild.
◙  Scams in 2017 were notable for a shift in tactics away from the traditional browser locker to phishing emails and malvertising.
◙  As Bitcoin price rose, there was an upswing in Bitcoin-related scams towards the end of 2017.
◙  Spyware saw a big uptick in attacks towards the end of 2017.

Top malware threats in 2017

Related Articles:

Android Malware Tricks User to Log into PayPal to Steal Funds

Company Pretends to Decrypt Ransomware But Just Pays Ransom

The Week in Ransomware - December 7th 2018 - WeChat Ransomware, Scammers, & More

Ransomware Infects 100K PCs in China, Demands WeChat Payment

Chinese Police Arrest Dev Behind UNNAMED1989 WeChat Ransomware