The Top Ransomware Attacks of 2017
Ransomware developers had a good year in 2017. We saw new cyber threats emerging as well as creating chaos in the US, Europe, & other regions. Crypto-viruses was actively attacking home computer users’ files, & causing havoc in schools, medical institutions, schools, & whole cities.
According to recent studies, ransomware attacks are increasing at a yearly rate of 350 percent. A recent report predicts that cybercrime would be costing the world over $6 trillion annually by 2021. In the year 2015, the global ransomware damage costs stood at $325 million.
Here are some of the worst ransomware attacks of 2017:
WannaCry ransomware created worldwide chaos in May
WannaCry ransomware attack was undoubtedly the highlight of the year. Cybercriminals managed to infect over 230,000 computers in over 150 countries.
Among the victims of ransomware were Parts of UK’s National Health Service (NHS), American courier service FedEx, Spanish telecommunication company Telefónica, as well as many other businesses. Victims received a note demanding $300 in Bitcoin as ransom.
It was the first ransomware strain to use EternalBlue, which exploits a vulnerability in Microsoft’s SMB or Server Message Block protocol.
NotPetya infected thousands of computers
On July 2017, a malware that seemed very similar to a ransomware known as Petya started spreading across computers around the world, with infection sites focused in & around Ukraine.
The malicious program had hit airports, hit banks, advertising agencies, law firms, as well as power plants. It used the same EternalBlue vulnerability. The worst damage was done to Ukraine where the ransomware attacked Kyivenergo (the company that provides the capital of Ukraine with electricity and heat energy), Ukrainian power distributor “Ukrenergo” as well as Chernobyl’s radiation monitoring system.
BadRabbit had hit Ukraine & Russian organizations
On the 24 of October, the week before Halloween, Ukraine as well as Russian authorities had reported about massive ransomware attacks that had hit metro in Kiev, International Airport in Odessa, as well as Ministry of Infrastructure of Ukraine. However, apart from these two countries, many other countries were also hit.
This ransomware, detected as BadRabit, attacked home as well as corporate computers in South Korea, Japan, the United States, Germany, Turkey & Poland. Unlike other viruses, this one was installed using a drive-by attack.
Cerber attacked multiple countries
Cerber was one of the most dangerous viruses of 2016. However, it wasn’t very active in 2017. Developers of Cerber presented a few versions of malware in 2017, inlcuding, Help_help_help ransomware, which is a variant of Red Cerber, as well as Cerber 6.
In July 2017, researchers reported that cerber ransomware was actively spreading in Asian countries using Magnitude exploit kit. The virus had hit South Korea the hardest. Malware used malvertising as the main distribution strategy.
Furthermore, developers started using a new monetization method. Ransomware was updated & became capable of stealing Bitcoin wallet files & passwords saved in Google Chrome, Internet Explorer, as well as Mozilla Firefox.
Locky launched massive malspam campaigns
Locky, the star of 2016, went dark in early 2017. But, it resurfaced in August 2017 with one of its largest campaigns yet: 23 million spam emails sent out in 24 hours.