CryptoWall, Locky, and Cerber Are Today's Top 3 Ransomware Threats

[Petrovic]

Statistics gathered by US cyber-security firm Fortinet reveal that, between April 1, 2016, and May 15, 2016, the top five most prevalent ransomware families were in this order: CryptoWall (41.04%), Locky (34.36%), Cerber (24.17%), TorrentLocker (0.24%), and TeslaCrypt (0.09%).

 

 

You can put this recent data into context by first taking a look at a previous report from early March, which ranked CryptoWall, TeslaCrypt, and Locky as the top three most popular ransomware families.

 

TeslaCrypt's demise comes from the fact that recently its authors decided to shut down operations, even releasing a master decrypt key that can decrypt any files ever locked with TeslaCrypt.

 

There were unconfirmed rumors among infosec experts exchanged on Twitter that TeslaCrypt's authors might have moved on to distributing Cerber instead. This is only speculation at this point, but Fortinet's data shows a rise in popularity for this new ransomware that appeared at the start of the year, about the same time as Locky.

If the name sounds familiar, it's because Cerber is the ransomware that speaks to users by reading its ransom note out loud.

 

According to statistical data, Cerber has been very successful at infecting users in the US and Japan, but it has hit many other countries worldwide as well.

Below is a chart showing the daily activity trend from these ransomware variants. The huge spike in Locky activity is also related to one of the biggest spam floods in years, as we reported this past weekend.

Article source