Threat Management, Malware, Phishing, Ransomware

Locky down as cyberercrime takes a brief December holiday

Perhaps as part of a last desperate attempt to make their way onto Santa's “nice list” cybercriminals seemingly took a break in December, particularly in the amount of ransomware being distributed.

Reports issued by Check Point and Kaspersky Labs showed a distinct drop in certain types of cybercrimes during the month. Check Point's December Global Threat Index noted an 8 percent reduction in attacks during the last month of the year compared to the previous month, while Kaspersky noted the number of phishing campaigns tailed off in the days leading up to December 25.

“This follows the same trends last year, when December recorded a 9% drop in the number of malware attacks worldwide, we expect attack volumes to bounce back in January,” the Check Point security team noted.

The biggest drop off occurred with Locky which fell off an average of 81 percent per week during the month knocking it completely off Check Point's monthly Most Wanted Malware list, something researchers considered interesting due to the success this particular type of malware had during 2016.

“Locky was one of the biggest malware success stories of 2016, going from being a brand new ransomware variant in February to second in the global table by November, so we will definitely continue to monitor it with interest in 2017. Time will tell as to whether cybercriminals are moving onto new variants or whether Locky has simply taken a Christmas vacation,” Check Point wrote.


Check Point also noted that the holiday period drop in criminal activity shows the human side of cybercriminals. Basically that they, like many other works, also take some time off during December.

Kaspersky noted the same type decrease in activity, but centered on phishing scams that used Ebay and PayPal as the hook in their social media.

“Such synchronous behavior could be explained by multiple factors, one of which is that cybercriminals are also celebrating Christmas and that the overall number of web users also decreases on 24th December. But on 25th December, the number of attacks goes back up,” Kaspersky researchers said.

However, that was the only positive news Kaspersky had when it came to late year cybercrime. Its other research showed an almost 5 percent increase in the number of phishing attacks aimed at financial institutions compared to the same time in 2015.

The company also found no shortage of scams taking place leading up to Christmas. Phishing attacks using Amazon and American Express were timed to Black Friday and Cyber Monday.

Kaspersky Labs went on to say that the increasing use of phishing in attacks was not just based on the time of year.

“Phishing scams are the easiest way for even low level professional criminals to earn money. The preparation and supporting stages for such scams don't require a lot of specific tools or knowledge, yet they bring a good return. In other words, phishing attacks appear more attractive to criminals due to their ease and affordability, when compared to staging a financial malware attack. This has resulted in the growth in popularity of phishing,” they wrote.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.