Ransomware is very much known today as pieces of malware that encrypts a victim's computer files, and then demands an exorbitant amount of money to be able to set their files free. It is one of the many modern ways of extorting money from innocent people by utilizing the power of the rapid evolution of technology today. And with this in consideration, it has recently been discovered by security researchers that cybercriminals are adopting ransomware at an alarming pace.
According to experts, there are now about 120 families of ransomware, while there is a 3500% increase in the criminal use of net infrastructure dedicated to running these nasty pieces of malware. This is reportedly due to the large amount of money perpetrators earn, as well as the rise of kits that they use to lure in their victims.
Variants of ransomware have sprouted today in just a very short time. For one, there's Petya, which manipulates the booting process while demanding money. Another acts like a pyramid scam; it asks victims to spread its malware in order to get their files decrypted. Malware programmers have also made it possible for ransomware to jump from one computer to another by exploiting removable drives. Cybercrime bosses from Russia have even made a ransomware empire, during a point of total economic crisis. As a result of the many ransomware attacks today, an all-time high was recorded in the United States back in April.
"Ransomware and crypto malware are rising at an alarming rate and show no signs of stopping," said Raj Samani, European technology head for Intel Security. He observes that the rise of this kind of malware is due to the openness of ransomware source codes as well as online services that wire money to them without getting caught or traced back.
According to security researcher Bart Parys, most ransomware is controlled by individual groups, like Cryptolocker, but he revealed that there are some who actually purchase ransomware from an underground market. "It's safe to say that certain groups are behind several ransomware programs, but not all," he said.
Moreover, it was seen that the net infrastructure of criminals has been improving, with web domains hosting ransomware growing rapidly. Some of these malware can be customized and personalized from the command and control center to how the perpetrators want their victims to pay them.
Lastly, the rise of ransomware utilized the ineffectiveness and weakness of antivirus programs when it comes to dealing with such attacks. According to Tomer Weingarten of security company SentinelOne, perpetrators of ransomware have been very good at hiding their malicious code.
To catch victims, some groups have been utilizing classic methods of luring in people like phishing emails or malicious ads. Meanwhile, there are some that now use "crypters" that help cloak files and make them look innocent.
Source: BBC | Image via GFI
24 Comments - Add comment