ransomware500
Security

Avast: Users frequently hitting websites loaded with ransomware

Fresh statistics from the maker of a widely used free security product show the extent to which users are encountering file-encrypting malware known as ransomware.

On Monday, Prague-based Avast said that over the past six weeks, users of its security products landed on websites hosting ransomware more than 18 million times. The company estimates 200 million Windows, Mac and Android devices have its software installed.

"Browser ransomware is making a huge impact on Avast users in France, most of North America, some of the Nordic countries, and Australia," wrote Jan Sirmer, senior virus analyst, on a company blog.

Avast isn't the only security company to notice an alarming uptick in ransomware attacks. Symantec and Microsoft have warned that such attacks from malware families such as Reveton, Crilock and Cryptolocker are increasingly prevalent and leave users helpless unless their files are backed up.

Sirmer wrote that Avast's software has stopped more than 500,000 attacks in under three months. He wrote that in just the past day or so, his company's software stopped 18,000 users from being redirected to websites hosting ransomware.

The attackers constantly change the domains that host such malware. Sirmer wrote that a new domain hosting ransomware is created every 10 minutes.

"These days the malicious domains are hosted on 117 different IP addresses," Sirmer wrote. "These IP addresses are distributed around the world from Austria to Brazil to Canada."

Some of the most affected users are in North America, Poland, Italy, Canada, South America, Russia and some countries in Africa.

The scammers often demand payment in bitcoin or Web-based money services to receive the key to decrypt the files. Sometimes, victims pay and do not even receive the decryption key.

To create a stronger incentive for victims to pay, the ransomware software will sometimes display a message falsely purporting to be from a law enforcement agency warning that the computer has been used for some illegal activity.

A sure-fire way to avoid problems with ransomware is to ensure files are regularly backed up. The computer's operating system can be erased and reinstalled to wipe malware from the system.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

PREVIOUS ARTICLE

« Here's how to chat with your Facebook friends using encryption

NEXT ARTICLE

Microsoft's Lync plants its flag in Android tablets »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?