We see you, ransomware flingers, testing out your baddest stuff on... Germany?

Securobods file data hostage report

A Ransom Note

A security firm has floated the theory that malware authors are using German firms as a testing ground for their wares prior to wider distribution.

Four in five (81 per cent) of ransomware detected in corporate environments occurred in North America. Germany is the second-most impacted country by ransomware, leading Malwarebytes to theorise that malware authors could be using companies in Germany as a testbed for their wares.

Anti-malware firm Malwarebytes said ransomware distribution last year more than trebled, increasing 267 per cent between January 2016 and November 2016 alone.

In the fourth quarter of 2016 alone, anti-malware firm Malwarebytes said it had catalogued nearly 400 variants of ransomware. Ransomware detections accounted for 12.3 per cent of all enterprise threats, but only 1.8 percent of consumer threats.

Ad fraud malware, led by Kovter malware, exceeded ransomware detections at times, with two-thirds of all infections logged by Malwarebytes cropping up in the US.

Elsewhere, Asia and Europe saw sporadic spikes in botnet activity. For example, the Kelihos botnet grew 785 per cent in July and 960 per cent in October, while IRCBot grew 667 per cent in August and Qbot grew 261 per cent in November.

Malwarebytes' global state of malware report can be found here (pdf).

Ransomware is a type of malware that encrypts files on infected PCs before demanding extortionate payments in return for the encryption keys needed to unlock compromised data. ®


Biting the hand that feeds IT © 1998–2017