This article is more than 1 year old

CryptoLocker-style ransomware booms 700 PER CENT this year

Even as cops crow over decapitated hydra, new versions spring up unchecked

CryptoLocker-style ransomware is eight times more common now than in January, going a long way towards overtaking fake police warning ransomware scams, according to Symantec.

The disruption of the GameOver Zeus banking trojan botnet back in late May took away one of the main distribution methods for CryptoLocker itself.

Security firms have since developed a service that allows victims to recover files scrambled by CryptoLocker without caving in to the demands of extortionists.

About 545,000 computers worldwide, around half of those being in the US, have been infected with CryptoLocker between September 2013 and May 2014. Victims have been defrauded to the tune of $27m (£16m) as a result of the malware, according to FBI estimates from June.

While it was active CryptoLocker was extremely successful. Its legacy continues in the form of "tribute bands" even though the main scam itself has effectively been neutralised.

CryptoLocker-style ransomware has seen a 700 per cent-plus increase. "These file-encrypting versions of ransomware began the year comprising 1.2 per cent of all ransomware detections, but now make up 31 per cent at the end of August," Symantec reports.

CryptoDefense has emerged as the most commonly detected file-scrambling ransomware scam over recent weeks, after first taking off in large numbers during June (and after crooks fixed coding flaws in early versions of the threat). "By the end of July, it made up 77 per cent of all crypto-style ransomware for the year to date," Symantec adds.

The latest edition of the Symantec Intelligence Report (summary here) also looks at trends in spear-phishing attacks and identity theft. The full 23 page report is here (PDF). ®

More about


Send us news

Other stories you might like