September 2013 - CryptoLocker is released. CryptoLocker is the first cryptographic malware spread by downloads from a compromised website and/or sent to business professionals in the form of email attachments that were made to look like customer complaints controlled through the Gameover ZeuS botnet which had been capturing online banking information since 2011.
May 2016 - Petya comes loaded with a double-barrel ransomware attack. If the initial overwriting the master boot record does not work, they now have an installer that offers Petya and a backup \"conventional\" file-encrypting strain called Mischa. ProofPoint Q1-16 threat report confirms that Ransomware and CEO Fraud dominate in 2016. A new Version 4 of DMA Locker comes out with weapons-grade encryption algorithms, and infects machines through drive-by downloads from compromised websites. In a surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key.
Increasingly, infections happen through drive-by downloads, where visiting a compromised website with an old browser or software plug-in or an unpatched third-party application can infect a machine. The compromised website runs an exploit kit (EK) which checks for known vulnerabilities. Often, a hacker will discover a bug in a piece of software that can be exploited to allow the execution of malicious code. Once discovered, these are usually quickly caught and patched by the software vendor, but there is always a period of time where the software user is vulnerable. 59ce067264