Locky and Cerber have become the dominant ransomware families

krack wi fi hack computer padlock
In the ever-changing world of ransomware, there are two animals that are always leading the pack. According to new research from security company Malwarebytes, the Locky and Cerber ransomware families are neck and neck with hackers constantly developing new strains of the malware.

The report, which tracked ransomware activity between July and October, first found that Cerber was in a dominant position before being overtaken by Locky.

We’ve seen both families adapt to the times recently, trying to stay fresh and dangerous by adding new features and tactics. In November, Check Point revealed how cybercriminals were exploiting holes in Facebook and LinkedIn to download Locky onto victims’ computers via an image file. Also last month, Trend Micro published findings that showed how Cerber was encrypting users’ database files.

Malwarebytes noted that the United States was by far the most infected country when it came to ransomware, with more strains avoiding detection by traditional antivirus software.


The company is looking at Russia as the most likely source of Locky and Cerber ransomware, either from Russian criminals or those with some affiliation with Russia.

Adam Kujawa, director of malware intelligence at Malwarebytes, pointed to the evidence that these forms of ransomware rarely infect Russian computers, using built-in functionality to detect if a user is based in Russia.

“They both recognize certain Russian IP addresses and say, ‘alright, we’re not going to infect you’ if you’re likely coming from Russia,” he said.

“I believe that is because if Russian law enforcement were to identify Russian people being hit by them, they’ll go after the attackers and take them down. If it’s going toward Western countries and the United States, they’re less likely to do anything about it.”

Of course, attribution is always hard when it comes to cybercrime. The Russia angle could very well be a smokescreen to deflect attention.

What is certain though is that ransomware is becoming increasingly sophisticated and surreptitious, avoiding detection and trying new tricks. Ordinary antivirus which still relies on signature detection to identify threats isn’t up to scratch.

One of the latest incarnations of ransomware has been so-called “doxware”, which as its name may suggest merges malicious encryption methods with doxing, the publishing of personal data online.

“It’s basically ‘we’re going to take your files, we’ll encrypt them, we’re demanding you pay us and if you don’t we’re going to throw it up on the internet’,” Kujawa said. “For an individual person that might not be a bad problem but for a company that could be huge.”

This is a devious but interesting workaround for the cases where a victim has a backup of their data and is unfazed by not paying. This all fuels the arms race between cybercriminals and security software vendors and regular people.

“There’s light at the end of the tunnel and this is a double-edged sword. The need for malware to develop further comes from the security community and the public at large ability to defend against these attacks,” explained Kujawa but every time we get better at security, cybercriminals change their tactics.

This isn’t likely to change in 2017. “They’re going to change their methods, I promise you that.”

Emerging Tech

Awesome Tech You Can’t Buy Yet: inflatable backpacks and robotic submarines

Check out our roundup of the best new crowdfunding projects and product announcements that hit the Web this week. You can't buy this stuff yet, but it sure is fun to gawk!

Is your PC safe? Foreshadow is the security flaw Intel should have predicted

Three new processor vulnerabilities have appeared under the 'Foreshadow' banner. They're similar in nature to Meltdown and Spectre, only they steal data from different memory spaces. Here's everything you need to know.
Home Theater

Want to save your favorite film? Here's how to fix a scratched DVD or CD

A scratched edition of your favorite DVD is no good, but our guide will show you how to fix a scratched DVD, whether you prefer to repair it using a smattering of peanut butter or Mr. Clean's Magic Eraser.

The Andromeda botnet still lingers as nations struggle to clean infected PCs

A report by Fortinet suggests that although the FBI and Europe ended the Andromeda botnet’s reign in late 2017, there are still infected PCs. Cleaning up these PCs isn’t progressing at the same pace across various regions.

Qualcomm’s Snapdragon 850 chip appears in benchmarks with improved performance

A benchmark for Qualcomm’s new Snapdragon 850 processor show a less-than-stellar increase in multi-core performance over the previous 835 chip. Introduced in June, the Snapdragon 850 promises up to 30 percent better performance.

These 30 apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find for the latest MacOS and how they can help out your…

With Q#, Microsoft is throwing programmers the keys to quantum

Quantum computers aren’t yet practical, but Microsoft has already developed a programming language for them. Q# works inside Visual Studio, just like most other languages, and could offer a gateway into the weird world of quantum physics.

Apple’s rumored entry-level MacBook may appear in September starting at $1,200

Apple may reveal new products in September including an entry-level 13-inch MacBook based on Intel’s seventh-generation processors. Apple originally intended these units to rely on Intel’s now-delayed 10nm “Cannon Lake” processors.

AirDrop makes sending files to Apple devices easy -- here's how

Want to send files or photos to your friends when you're standing directly beside them? Instead of texting or emailing, why not learn how to use AirDrop? Here's everything you need to know about using AirDrop on both iOS and MacOS.

Stay safe on the web and save up to $70 with McAfee Total Protection

If you don't have some sort of protection on your phone, tablet, or computer, you're basically leaving the door open for anyone looking to do some cyber burgling. Protect yourself for a year with McAfee Total Protection for just $30.

PDF to JPG conversion is quick and easy using these simple methods

Converting file formats can be an absolute pain, but it doesn't have to be. We've put together a comprehensive guide on how to convert a PDF to JPG, no matter which operating system you're running.
Product Review

Recent production woes make the Eve V a worse buy than it once was

Our Eve V review looks at a crowdsourced detachable tablet that checks some boxes for its backers. Its delay in making it to the market holds it back in some areas, and Eve Technology is an unknown quantity.

Here's how to convert an MP4 to an MP3 file with online and offline tools

Sometimes you just want the audio without the video. In this guide, we'll show you how to convert an MP4 to an MP3 using web-based software and dedicated programs for both Windows and MacOS.

Crypto-intrigued? Here's how to buy Bitcoin for the first time

Is it time to purchase your first Bitcoin investment? If you're ready to get involved in the cryptocurrency, we'll walk you through how to pick an exchange, how to choose the right wallet, and how to buy Bitcoin the safe way!