Symantec: Cybercriminals make £3m from ransomware
Research finds that criminal gangs are increasingly using malware to blackmail users.
Criminals are making 3 million a year from holding people's computers to ransom, according to a new study.
Research from IT security company Symantec revealed that 2.8 per cent of victims pay up to 280 to unlock computers infected with malware that locks screens and prevents them from accessing their PCs.
Cybercriminals often use social engineering tricks, such as displaying fake messages purporting to be from local police authorities, to convince victims to pay up. Such messages often include warnings such as, "you have browsed illicit materials and must pay a fine."
The research found that one gang was observed attempting to infect 495,000 computers over the course of just 18 days. The first instances of this type of cyber-attack were observed in 2009, and - until recently - it was largely limited to Russia and Eastern Europe.
"It has increasingly become a popular ploy among numerous international online criminal gangs, spreading the threat to Western Europe, the United States and Canada over the past year," said the company.
Symantec said ransomware will surpass fake anti-virus software as the leading cybercrime strategy in the coming year. It said there are other signs that ransomware is becoming increasingly professional.
Several different ransomware families, sold to what appear to be separate gangs, have all been tracked back to a single individual.
"That individual, who we have been unable to identify, is seemingly working full-time on programming ransomware on request" said the company.
"This dedicated development of multiple different versions of the same type of malware is reminiscent of how fake antivirus was developed."
The company also predicted that as users shift to mobile and cloud so will attackers to exploit Secure Sockets Layer (SSL) Certificates used by mobile devices and applications.
Earlier this week IT Pro reported that security researchers have identified a new malware strand that steals image files from computers and sends them to a remote server.
-
Ransomware cartels are fragmenting into volatile splinter groups, warns Met Police cyber chiefNews Commoditized "cyber crime bazaars" and AI data mining are forcing law enforcement to rewrite its playbook
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recovery
News Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
