According to Google, the surge of Ransomware is now an endemic scourge of the internet, and the problems associated with it are only going to get worse.
Ransomware has “become a very, very profitable market and is here to stay,” said Elie Bursztein, one of the lead researchers from Google on the study. “Ransomware is a fast-moving market, there’s aggressive competition… It’s no longer a game reserved for tech-savvy criminals. It’s for almost anyone.”
Google’s in-depth research shows that cyber-criminals managed to make at least $25m from ransomware in the last 18-24 months alone. The most popular strains of ransomware were from the now ubiquitous Locky and Cerber families.
The research project also revealed where the cash flowed and accumulated in the Bitcoin network and where it was converted back into cash. More than 95% of Bitcoin payments for ransomware were cashed out via Russia’s BTC-e exchange, found Google.
Payment analysis of the Bitcoin blockchain, which logs all transactions made using the e-currency, revealed that those two strains also made the most money over the last year, with Locky collecting about $7.8m (£5.9m) and Cerber $6.9m (£5.2m).
Hitting the headlines
Ransomware has also been in the news a lot this year, not least because of the massive Petya attack that ran around the world in a matter of hours earlier this year.
Despite the fact that the Locky Ransomware made more money than Cerber in the last two years. Security analysts, including Malwarebytes, have noted that Locky itself, is no longer a major threat.
Cerber, from a bad family
Instead it is the Cerber family of ransomware that currently reigns, accounting for some 90% of all ransomware used in the first quarter of 2017. Locky, which hit the headlines for its continued use in 2016 is notable for the fact that it has almost dropped off the face of the earth.
Cerber continues to be a huge issue in the cybersecurity world. And why wouldn’t it be; it’s as impressive as it is scary. In all respects, Cerber is a superior form of ransomware and comes loaded with military grade encryption.
The real threat from the Cerber ransomware family however is the fact that anyone with just a small amount of technical knowledge, who can get their hands on it, can use it. One of the biggest issues facing antimalware vendors is the fact that Cerber can be customized as easily as it can be distributed.
After purchasing a base level version of Cerber, “options exist from other parts of the cybercrime marketplace that will distribute the malware through numerous means, ensuring the greatest amount of infection.”
So, as Google has said, Ransomware is here to stay. So why not take a moment and update your antivirus. There are plenty of options online to find, so search around for what’s best for you.
(Story via FileHippo)