It’s been over two weeks since we reported about Locky and predicted that it will be a major player in the ransomware scene. We decided to check our Intrusion Prevention System (IPS) telemetry statistics for CryptoWall, TeslaCrypt and Locky two weeks after (Feb 17th to March 2nd) to see how Locky is doing and where it sits compared to its more seasoned counterparts.
While the statistics cover a short timeframe, it does give some insights not only on Locky’s early operations but also on how these three major ransomware families are affecting users on a global scale, which we intend to share in this post.
In total, we collected over 18.6 million hits from CryptoWall, TeslaCrypt and Locky C&C communications. It is important to consider that when analysing IPS hits, malware may communicate to its C&C server multiple times. In this case, analysing the ratios of these numbers provide more meaningful results. Click here to continue reading article