***The year of 2016 was the year of ransomware.
Goal: Obtain statistics related to ransomware trends in 2016, including, but not limited to,
- (1) top 10 ransomware variants;
- (2) top 10 ransomware infrastructure locations; and
- (3) top 10 ransomware IPs
Tools: Elasticsearch, Kibana, Logstash
Source: OSINT Feed
Date Range: 2016
Winners (2016):
- Top 3 Ransomware –> Locky, Cerber, & TeslaCrypt
- Top 3 Ransomware Infrastructure Location -> United States, Germany, & Russia
I. Top 10 Ransomware (2016):
Locky | 38,023 |
Cerber | 4,656 |
TeslaCrypt | 1,916 |
TorrentLocker | 392 |
CryptoWall | 368 |
PayCrypt | 60 |
CTB-Locker | 24 |
PadCrypt | 16 |
DMALocker | 12 |
FAKBEN | 12 |
II. Top 10 Ransomware Infrastructure Location (2016):
United States | 11,339 |
Germany | 2,288 |
Russia | 2,052 |
Netherlands | 1,464 |
Italy | 1,428 |
China | 1,384 |
United Kingdom | 969 |
France | 892 |
Poland | 861 |
Turkey | 832 |