According to statistical data released by Microsoft today, the Cerber ransomware accounted for a quarter of all ransomware detections for the past 30 days.

The data comes exclusively from Microsoft security products, such as Windows Defender. While some other security firms will provide different statistics, most of them have blogged about Cerber ransomware campaigns in the past month, so this threat family has been particularly active in the past month and ever before.

While Cerber accounted for 25.97 percent of all ransomware detections, Exxroute (another name for CryptXXX) took the silver medal with 15.39 percent of all detections, followed by the infamous Locky with 12.80 percent.

Locky’s presence in the top three most detected ransomware threats is somehow strange, taking into account that Locky distribution took a big break at the same time when the Necurs botnet also went down for three weeks.

With the Necurs botnet shutdown, malware distribution took a big tumble altogether in June, Enigma Software reporting that June 2016 had the lowest number of overall malware infections of any month dating back to April 2013.

Despite the drop in overall malware numbers, the company also says that ransomware numbers weren’t affected, with the numbers of monthly ransomware infections jumping 7.92 percent over 2015.

Microsoft’s July 2016 release of the Microsoft Malicious Software Removal Tool (MSRT) now comes with dedicated support for detection of Cerber ransomware.

Ransomware family Share
Cerber 25.97%
Exxroute 15.39%
Locky 12.80%
Brolo 11.66%
Crowti 9.97%
FakeBsod 9.19%
Teerac 3.94%
Critroni 3.72%
Reveton 2.86%
Troldesh 1.21%
Ranscrape 1.18%
Sarento 0.76%
Urausy 0.70%
Genasom 0.65%

This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at
Recommended article from Most Labour MPs in the UK Are Revolting.

Related Posts

Facebook Comments

Return to Top ▲Return to Top ▲