Skip to main content

Ransomware domains increased 35-fold in Q1 2016

There has been a 3500 per cent (!!!) increase in ransomware domains in the first quarter of 2016, compared to the last quarter of 2015. Those are the highlights of a new report by network control company Infoblox.

According to the company's Infoblox DNS Threat Index, this huge spike has pushed the overall threat index to its highest level ever recorded. It currently sits at level 137, up seven per cent from level 128 in Q4 2015. The highest ever level recorded before this one was 133, which occurred back in Q2 2015.

The US hosts the usual huge amount of these domains, 41 per cent, while Germany has been particularly interesting, dropping from 20 per cent down to 2.

“Cybercriminals are as likely as anyone else to take advantage of sophisticated infrastructure, and all of the countries in this quarter’s list fit that description,” said Lars Harvey, vice president of security strategy at Infoblox. “But the geographic spread shows that much like cockroaches that scurry from the light, cybercriminals are quick to shift to a more advantageous location as needed.”

Ransomware is a type of attack where the attacker places malware on the victim’s computer, which encrypts all the files found there. It then requests for ransom to be paid in bitcoin, in order to have the data unlocked.

At first it targeted individuals, but after cyber-criminals realised they could attack businesses as well, they opted for the latter, more lucrative approach.

Currently, the most popular version of ransomware is CryptoWall, reportedly costing businesses and others $325 million.

Photo credit: Ton Snoei / Shutterstock

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.