The latest Emsisoft report on ransomware awareness and protection, dubbed the “Ransomware statistics for 2019: Q2 to Q3 report”, reveals the state of cybersecurity in the digital world, in cryptocurrency and non-cryptocurrency areas alike.
Emsisoft’s report is based on data from over two hundred and thirty thousand (230,000) submissions collected through the ID Ransomware project. Users can upload an infected file to the ID Ransomware project website to find out which ransomware has affected their computer.
Ransomware protection: No. 1 STOP or DJVU for Bitcoin
The report reveals that the ransomware STOP or DJVU has been reported fifty-six percent (56%) of the time as the technology behind the ransomware attack. Over seventy-six thousand (76,000) STOP or DJVU entries were registered on the project website.
The ransomware applies AES-256 encryption to the user's files and demands a ransom of four hundred and ninety dollars ($490) worth of Bitcoin. Initial versions can be remedied through some free software, but the latest attacks use more advanced encryption.
Ransomware protection: No. 2 Dharma (.cezar family)
Dharma, a .cezar family ransomware, has been found infecting as many as twelve percent of the total victims. Dharma is what you can call enterprise-level ransomware, since it primarily targets small and medium businesses. Dharma exploits the victims through email infections and RDP ports.
Interestingly, Dharma (.cezar family) ransomware does not specify a ransom amount; instead, it instructs victims to contact the ransomware distributors via email to negotiate the ransom.
This ransomware is breakable: in the past, Altus Baytown Hospital in Texas not only refused to pay the ransom but also hired a private tech consultant to retrieve the files successfully.
Ransomware protection: No. 3 Phobos
Phobos, a distant cousin of the Dharma ransomware, works on similar principles but is believed to be deadlier and more silent. The ransomware primarily targets businesses and public entities, where funds can also be made available on short notice.
Phobos, a newcomer that rose to fame in 2019, accounts for almost nine percent (8.9%) of the total ransomware attacks. Similar to Dharma, Phobos also requires the victim to contact the distributors and negotiate the ransom.
Wyoming Area School District ended up paying more than the ransom money to retrieve the files through a third-party tech consultant. A whopping thirty-eight thousand dollars ($38000) was paid by the insurance company. However, the amount was ten thousand dollars ($10000) less than the ransom amount.
Ransomware protection: No. 4 GlobeImposter 2.0
The name of this ransomware, GlobeImposter 2.0, is telling in itself: a bona fide ransomware name given to programs made for only one purpose, seek and destroy.
Luckily, however, the ransomware itself is not as effective as the name suggests, and a mere six and a half percent (6.5%) of all victims were infected with the GlobeImposter 2.0 ransomware.
It is another program that uses AES-256 encryption and demands ransom in Bitcoin. The cost of retrieval can be up to eight thousand dollars ($8000); however, the known ransom is always between one and ten (1-10) Bitcoins.
Ransomware protection: No. 5 REvil / Sodinokibi
This is the ransomware with many names: REvil and Sodin are alternative names for the Sodinokibi ransomware. One of the deadliest, it accounts for about four and a half percent (4.5%) of all reported ransomware incidents.
Believed to be the brainchild of the same creator as the GandCrab ransomware, it is perhaps the deadliest of the top ten; luckily, however, it is concentrated in one part of the world.
The ransomware is responsible for affecting over twenty-two (22) government and district offices in Texas. The offices decided not to pay the ransom, and only partial retrieval was reported, while most of the offices had to rebuild their databases from scratch. Use all ransomware protection measures to stay away and safe from this evil baby.
Ransomware and Bitcoin ransoms bring shame not only to the cryptocurrency sphere but also to the country of origin. However, the saga continues and is likely to continue until the end of time, and ransomware protection is our only hope.