Ransomware, or apps that encrypt user’s data and then demand them to pay a ransom for a decryption key, have become a big business.
According to the State of Malware Report 2017, in January 2016, ransomware constituted 18% of all malware delivered by email or through exploits of existing software. By November 2016, it had climbed to 66%, which the report labels “an unprecedented domination of the threat landscape.
However, that’s not the depressing part of this report. Malwarebytes still sees a lot of malware getting on computers via in email attachments, many of which are Microsoft (MSFT) Office attachments with embedded macros whose code will attack your computer.
Those techniques date back to the days of dial-up internet, when Office was much more lenient about running macros in random documents and defending against them was harder.
Today’s malware spam often comes personalized for particular users and tries to fool them into thinking that clicking a button in a Word document or Excel spreadsheet will unlock it for viewing, when in reality it will start a download of malicious code that can then take over their computers.
The report further nods to the rise in “botnet” software taking over computers — including “Internet of Things” devices like connected security cameras — and using them as part of distributed denial of service (DDoS) attacks. Unlike ransomware, however, the U.S. isn’t seeing the worst of this form of malware. According to Malwarebytes, 61.2% of all botnets are found in Asia, while about 15% are found in Europe