The latest statistics released by Microsoft, shows that the Cerber ransomware infections have accounted for a quarter of all ransomware detections for the past month. This information comes exclusively from Microsoft security products like Windows Defender.
Despite the fact that other security companies can provide different statistics, most of them have blogged about Cerber ransomware campaigns over the past 30 days, meaning that the Cerber malware family has been very active not only during the past month, but even before it.
According to the statistics, Cerber accounted for 25.97% of all ransomware detections, while Exxroute (another name for CryptXXX) took the second place with 15.39% of all detections. These two were followed by Locky on the third place, with 12.80%.
The presence of Locky in the top three most detected ransomware threats is a bit strange, considering the fact that Locky distribution took a long break at the same time when the Necurs botnet also went down for three weeks.
Alongside the shutdown of Necurs botnet, malware distribution took a big tumble altogether last month. The security company Enigma Software even reported that June 2016 has had the lowest number of overall malware infections than any month since April 2013.
Despite the drop in overall malware numbers, the company reports that ransomware figures weren’t affected, with the numbers of monthly ransomware infections jumping 7.92% over the past year.
Currently, Microsoft’s July 2016 release of the Microsoft Malicious Software Removal Tool (MSRT) comes with dedicated support for Cerber ransomware’s detection.