Ransomware has undeniably become one of the most important things users need to look out for when it comes to staying safe online. Not only could it spell the end for a computer's files, but it could also significantly lighten the victim's wallet along the way.
While it isn't really suggested for victims to pay the ransom demanded by these malicious programs, it seems that many are still doing so. According to a recent study presented by researchers at Google, Chainanalysis, UC San Diego, and the NYU Tandon School of Engineering, those that have been infected have paid over $25 million to ransomware operators over the past two years.
The study observed 34 different ransomware families, with a certain variant called Locky bringing in $7 million in payments. What made it stand out from other crypto-malware was that it kept the payment and encryption infrastucture separated from the group distributing the malware. This allowed the malware to spread faster than others.
“Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” according to NYU professor Damon McCoy, one of the project's researchers. “Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”
Ransomware such as Cerber and CryptXXX eventually followed, with respective payouts of $6.9 million and $1.9 million. Since these types of malware are now being offered to almost anyone capable, it is not exactly known how much of the paid amount has made it back to the original authors.
Despite all this, it is still best to be careful of our internet activity. Not opening suspicious email attachments and utilizing proper security software can already go a long way. Ransomware will likely continue to evolve and become even nastier, and it always pays to be protected.
Source: The Verge