Symantec: Cybercriminals extort $5M a year using ransomware

Tools

Ransomware is a highly lucrative business for cybercriminals, according to a new report by Symantec. This is because up to 2.9 percent of compromised users pay up rather than work around them, says the security vendor.

Rogue software that is designed to extort money from its victims by locking up or hindering the normal functioning of the infected system is hardly new. Such malware includes those that put up bogus Windows activation pages or one those that target the master boot record.

What is disturbing is that there are 16 different versions of such malware that have been identified over the past year. According to Symantec, these are completely different malware that were separately developed. This is unusual and disturbing, as most malware are simply variants or tweaks of existing ones, and the high volume suggests that substantial resources are being devoted by multiple groups of cybercriminals.

In the course of its investigation, Symantec researchers penetrated the command and control server of at least one ransomware scam. Within just one month, the team observed 68,000 unique IP addresses connecting, with 168 entering what appears to be code, to unlock the malware during one of the days.

A "conservative estimate" of losses to such malware is over $5 million dollars each year, says Symantec, who also noted that the real number is "likely much higher."

You can read this blog from Symantec or the full 16-page report titled "Ransomware: A Growing Menace" here (pdf).

For more:
- check out this article at Ars Technica

Related Articles:
Researchers find Android hole that could affect millions
Symantec sees little improvement in Windows 8 security