Browser Ransomware Attacks are Massive in Scale
During December I wrote about the tricks and tactics of Browser Ransomware. Browser Ransomware is malware that works in different types of browsers to prevent people from using their PCs. To get access back to their own PC, the victim of this malware must pay a ransom to unblock it. The key to success for this attack is its translations into many different languages, giving the cybercrooks a bigger pool of potential victims.
Today I would like to look back on Browser Ransomware attacks and share some data from our avast! CommunityIQ with you.
We detect Ransomware attacks using several different methods. The detections I checked were created January 30, 2014. I was really surprised at the huge impact this attack has had on AVAST users.
Cybercrooks behind the attacks continually change the domains which hosts the locker. Every ten minutes approximately one new domain is created, and these numbers are slightly growing.Users are then redirected to the new domain.
These days the malicious domains are hosted on 117 different IP addresses. These IP addresses are distributed around the world from Austria to Brazil to Canada. These are addresses in Montreal, Canada and Denver, Colorado.
This map shows the location of users who have had close-calls with infected sites over the last five days. Browser ransomware is making a huge impact on AVAST users in France, most of North America, some of the Nordic countries, and Australia.
Examining the data since the detection was created shows the huge amount of users visiting ransomware infected domains in North America, but an even higher number of users were from Poland. Additional hotspots with considerable numbers are Italy, Canada, some countries in Africa, South America and Russia.
avast! Antivirus users are protected from visiting sites with Ransomware, but you should never forget that every computer user can be affected by new criminal tactics. In that case only common sense can help protect your data, money, and computers.
French version of Browser ransomware:
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Highly effective Cerber ransomware is spread via phishing emails and demands more than $700 in ransom
Based on analysis of past Locky ransomware attacks, experts in the Avast Threat Labs predict that another attack is imminent.