Almost all ransomware targets Windows devices


An overwhelming majority of them all Ransomware is goal-oriented Windows computer, according to a comprehensive new study of malicious files.

Performed by the popular web-based scanner service VirusTotal, the study is based on the analysis of around one million ransomware samples from a pool that was collected from over 140 countries between January 2020 and August 2021.

“According to our study, 95% of the ransomware files detected were Windows-based executables or dynamic link libraries (DLLs). Meanwhile, 2% were Android-based. ” wrote VirtusTotal.

TechRadar needs you!

We’re studying how our readers use VPNs with streaming sites like Netflix so we can improve our content and provide better advice. This survey will take no more than 60 seconds of your time and we would be very happy if you shared your experience with us.

>> Click here to start the survey in a new window

Based on the number of submissions, Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, the Philippines, Iran and the United Kingdom emerged as the ten most affected areas.

Never ending flood

The study helped identify at least 130 different ransomware families, which the researchers felt was no easy task given the similarities between the two Malware. Big crab emerges as the leading ransomware family, contained in approximately 78.5% of the samples.

Interestingly, the study finds that while activity comes and goes among the most prevalent ransomware families, there is a base activity of around 100 not-so-popular ransomware families that never stops.

Based on its analysis, VirtusTotal determines that in most cases attackers are preparing fresh new samples for their campaigns. In addition, only about 5% of the samples analyzed were linked to exploits.

“We believe this makes sense, as ransomware samples are typically delivered using social engineering and / or droppers,” the researchers note.

Coverage of the study by VirusTotal, The registry rightly states that the scanner measures the malware detected and not successful attacks. In addition, the study also seems to ignore the emergence of new attack vectors like ransomware, which is after network appliances, most of which are co-powered Linux.

Above The registry

Source link


Leave A Reply