Skip to main content
  1. Home
  2. Computing
  3. News

Locky and Cerber have become the dominant ransomware families

Jonathan Keane
By

krack wi fi hack computer padlock
TheDigitalWay/Pixabay
In the ever-changing world of ransomware, there are two animals that are always leading the pack. According to new research from security company Malwarebytes, the Locky and Cerber ransomware families are neck and neck with hackers constantly developing new strains of the malware.

The report, which tracked ransomware activity between July and October, first found that Cerber was in a dominant position before being overtaken by Locky.

Recommended Videos

We’ve seen both families adapt to the times recently, trying to stay fresh and dangerous by adding new features and tactics. In November, Check Point revealed how cybercriminals were exploiting holes in Facebook and LinkedIn to download Locky onto victims’ computers via an image file. Also last month, Trend Micro published findings that showed how Cerber was encrypting users’ database files.

Related

Malwarebytes noted that the United States was by far the most infected country when it came to ransomware, with more strains avoiding detection by traditional antivirus software.

malwarebytes-chart-ransomware
Image used with permission by copyright holder

The company is looking at Russia as the most likely source of Locky and Cerber ransomware, either from Russian criminals or those with some affiliation with Russia.

Adam Kujawa, director of malware intelligence at Malwarebytes, pointed to the evidence that these forms of ransomware rarely infect Russian computers, using built-in functionality to detect if a user is based in Russia.

“They both recognize certain Russian IP addresses and say, ‘alright, we’re not going to infect you’ if you’re likely coming from Russia,” he said.

“I believe that is because if Russian law enforcement were to identify Russian people being hit by them, they’ll go after the attackers and take them down. If it’s going toward Western countries and the United States, they’re less likely to do anything about it.”

Of course, attribution is always hard when it comes to cybercrime. The Russia angle could very well be a smokescreen to deflect attention.

What is certain though is that ransomware is becoming increasingly sophisticated and surreptitious, avoiding detection and trying new tricks. Ordinary antivirus which still relies on signature detection to identify threats isn’t up to scratch.

One of the latest incarnations of ransomware has been so-called “doxware”, which as its name may suggest merges malicious encryption methods with doxing, the publishing of personal data online.

“It’s basically ‘we’re going to take your files, we’ll encrypt them, we’re demanding you pay us and if you don’t we’re going to throw it up on the internet’,” Kujawa said. “For an individual person that might not be a bad problem but for a company that could be huge.”

This is a devious but interesting workaround for the cases where a victim has a backup of their data and is unfazed by not paying. This all fuels the arms race between cybercriminals and security software vendors and regular people.

“There’s light at the end of the tunnel and this is a double-edged sword. The need for malware to develop further comes from the security community and the public at large ability to defend against these attacks,” explained Kujawa but every time we get better at security, cybercriminals change their tactics.

This isn’t likely to change in 2017. “They’re going to change their methods, I promise you that.”

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
This Samsung 27-inch QHD gaming monitor is almost 50% off
Samsung's 2023 Odyssey Neo G7 sitting on a table.

Complete your PC gaming setup with the 27-inch Samsung Odyssey G6 curved gaming monitor, which is available from Walmart with a $333 discount that nearly halves its original price of $700 to only $367. This is one of the most attractive monitor deals that we've seen recently due to all of the features that you'll be getting for this affordable price. You're going to have to act fast though -- the offer may expire at any moment, so you're going to want to complete your purchase before that happens.

Why you should buy the 27-inch Samsung Odyssey G6 curved gaming monitor
The Samsung Odyssey G6 curved gaming monitor is an excellent display for the best PC games. The gaming monitor offers QHD resolution so that you'll enjoy sharp details and vivid colors while you're playing, while the 1000R curvature matches the curve of your eye and fills your peripheral vision for a more comfortable viewing experience. This is important when you have the habit of playing video games for several hours at a time. The Samsung Odyssey G6 curved gaming monitor also supports the Samsung Gaming Hub, which will let you access various cloud gaming services in one place.

Read more
Forget Apple’s 5K Studio Display: Dell’s UltraSharp 6K monitor is $150 off
The Dell 32-inch UltraSharp 6K monitor on a white background at a side angle.

Excited by the prospect of the world’s first 6K monitor? Be even more excited when you realise that Dell has discounted the Dell UltraSharp 32 6K Monitor at the moment so you can buy it for $150 off. One of the best high-end monitor deals out there today, it’s perfect for those who want the ultimate monitor right now. Usually priced at $2,480, it’s down to $2,330 for a limited time. Here’s what you need to know about it.

Why you should buy the Dell UltraSharp 32 6K Monitor
The best 4K monitors look great but they won’t compete with the wonders of the Dell UltraSharp 32 6K Monitor and its 6144 x 3456 resolution. That amount of pixels is spectacular in all the right ways with a color gamut of 99% DCI-P3 further aiding matters. It has an IPS Black panel which is a superior type of IPS panel. It offers 35% deeper blacks and greater gray colour level accuracy than conventional IPS for exceptional contrast and a sharper content viewing experience. It’s well-suited for content creation and video editing so it’s just what someone needs from a 6K screen. The 32-inch screen promises up to 156% more pixels compared to a 4K monitor with wide color coverage and exceptional 2000:1 contrast ratio.

Read more
This flash deal gets you 80% off a 2-year SurfShark VPN subscription
The Surfshark logo on a blue background.

It's highly recommended for everyone to have a VPN (virtual private network) in their devices, as you can never be too sure when it comes to your online privacy. The good ones don't come cheap though, which is why VPN deals always attract a lot of attention. Here's one for you to shop -- a two-year subscription to the SurfShark VPN Starter Plan for only $57, following an 80% discount from StackSocial on its original price of $290. You're going to have to hurry with your purchase if you're interested though, as we expect the offer and its savings of $233 to get sold out quickly.

Why you should buy the SurfShark VPN Starter Plan
First, you need to understand what is a VPN. Simply put, it's a necessity these days due to how much our daily lives rely on online activities. A VPN will protect your personal and financial information from cybercriminals, preventing headaches caused by identity theft and unauthorized charges on your credit cards. It will also allow you to bypass any geoblocking restrictions as you can have your device appear as if it's located in another place.

Read more