According to Kaspersky Lab, ransomware appears to be the number one security threat nowadays. In its Threat Evolution report for the first quarter of this year, the company's security researchers registered approximately 3,000 ransomware modifications, and ransomware has surpassed APTs as the most troublesome threat.
The ransomware families that caused the most damage in the first quarter of 2016 were TeslaCrypt, CTB-Locker and CryptoWall. At the same time, Locky ransomware was named the most widespread malware during the quarter.
According to ZDNet, news of the rise of ransomware came out almost in tandem with the arrival of a new strain called Petya ransomware.
Petya is a particularly vicious infection that goes further than most: it not only locks down files, but completely removes access to hard drives and operating systems. The security experts from Kaspersky Lab have labeled this ability to apply full disk encryption as the “most significant technical innovation in ransomware.”
Petya continues to evolve, though. The creators of Petya have now updated the ransomware to activate Mischa, another form of dangerous ransomware.
Dodi Glenn, VP of cyber security at PC Pitstop, commented:
“The first version of Petya was intense, wreaking all kinds of havoc once a PC became infected, including encrypting files and locking up the hard drive. However, in order for Petya to worm its way into your system, you needed to allow it administrator rights through the UAC security feature. Now with Mischa, you’re damned if you do, damned if you don’t.”
According to Kaspersky Lab’s blog, Petya in its original form was far from perfect, and security experts were able to recover lost files. However, hackers made some improvements, and now they are doing exactly what many people have warned about: making it almost impossible to keep up with the threats. They are staying one step ahead and essentially re-inventing the way malware operates.
As Stu Sjouwerman, founder and CEO of KnowBe4, wrote:
“This is the first time that this type of malware comes with a double-barrel ransomware attack. It also uses innovative social engineering to trick the end user into opening a PDF resume, for example. Employees in human resources and accounting are high-risk groups that need to be taken through effective security awareness training, which includes frequent simulated phishing attacks.”