Kovter Ransomware is ‘Skyrocketing’

Kovter, a form of ransomware has “skyrocketed” in the second quarter of 2014 according to a new report published by security firm Damballa.


Photo: Damballa

Like most ransomware, Kovter locks your device and demands a ransom but in this case, it gets a little more sinister and goes down a blackmailing route. The hacker poses as a police officer and claims to have “proof” that your browsing history contains illegal pornography.

“During the height of activity in June, infections reached 43,713 on a single day,” say Damballa in its report. “Month over month, average daily infections increased a whopping 153 percent in May and 52 percent in June.”

Instances of Kovter have shown that victims are asked to pay up to $1,000 for a ransom through credit card. Oddly, this differs from other ransomware attacks where the assailant demands to be paid in bitcoin so as to avoid detection and maintain anonymity.

Damballa is quick to remind users to not be threatened by the ransom as paying it will not retrieve your files.

The firm’s research is backed up by similar findings presented this week by ITProPortal’s Threat Report, which was released on Thursday. It notes 44,000 infections per day in June, much like Damballa’s findings.

The new Q2 report from Damballa says that ransomware is on the rise across the board in the cybercrime business as more criminals attempt to monetize their hacking exploits.

One of the more common ransomware tactics has been Cryptolocker, which has seen a rise also, and recently FireEye and Fox IT released the Decrypt Cryptolocker site to unlock your hostage files.