14 DAY TRIAL // According to statistical data released by Microsoft today, the Cerber ransomware has accounted for a quarter of all ransomware detections for the past 30 days.
The data comes exclusively from Microsoft security products, such as Windows Defender. While some other security firms will provide different statistics, most of them have blogged about Cerber ransomware campaigns in the past month, so this threat family has been particularly active in the past month and even before.
While Cerber accounted for 25.97 percent of all ransomware detections, Exxroute (another name for CryptXXX) took the silver medal with 15.39 percent of all detections, followed by the infamous Locky with 12.80 percent.
Locky's presence in the top three most detected ransomware threats is somehow strange, taking into account that Locky distribution took a big break at the same time the Necurs botnet also went down for three weeks.
With the Necurs botnet shutdown, malware distribution took a big tumble altogether in June. Enigma Software has even reported that June 2016 had the lowest number of overall malware infections than any month dating back to April 2013.
Despite the drop in overall malware numbers, the company also says that ransomware figures weren't affected, with the numbers of monthly ransomware infections jumping 7.92 percent over 2015.
Microsoft's July 2016 release of the Microsoft Malicious Software Removal Tool (MSRT) now comes with dedicated support for detection of Cerber ransomware.
| Ransomware family | Share |
|---|---|
| Cerber | 25.97% |
| Exxroute | 15.39% |
| Locky | 12.80% |
| Brolo | 11.66% |
| Crowti | 9.97% |
| FakeBsod | 9.19% |
| Teerac | 3.94% |
| Critroni | 3.72% |
| Reveton | 2.86% |
| Troldesh | 1.21% |
| Ranscrape | 1.18% |
| Sarento | 0.76% |
| Urausy | 0.70% |
| Genasom | 0.65% |