Protect Your Windows Machine Against Ransomware

According to a comprehensive new study of malicious files, the vast majority of ransomware is designed to attack Windows computers.

The study was conducted by the popular web-based scanner service VirusTotal, which used analysis on approximately one million ransomware samples from a pool gathered between January 2020 and August 2021 from over 140 countries.

“According to our study, 95% of ransomware files detected were Windows-based executables or dynamic link libraries (DLLs). Meanwhile, 2% were Android-based,” wrote VirtusTotal.

Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, the Philippines, Iran, and the United Kingdom were named as the top ten harmed countries in response to the number of contributions.

The never-ending rain

The researchers discovered at least 130 distinct ransomware families in the study, which they say was not an easy task owing to the malware’s similarities.

Grandcrab ranked as the most widespread ransomware family, with a presence in about 78.5% of samples. There is a baseline of activity for around 100 not-so-popular ransomware families that never stops, according to the research.

Based on its findings, VirtusTotal claims that attackers most frequently generate new samples for their campaigns. Only 5% of the examined samples were found to be exploiting flaws.

“We believe this makes sense given that ransomware samples are usually deployed using social engineering and/or by droppers,” note the researchers.

The scanner is checking the malware that has already been discovered, according to a blog article from VirusTotal. Furthermore, it appears to disregard new attack vectors such as ransomware that target network appliances, which are almost all Linux-based.