Inside the Briefcase

2016 APM Reference Guide: Application Performance Monitoring

2016 APM Reference Guide: Application Performance Monitoring

IT Briefcase Analyst Report
This product guide allows you to...

IT Briefcase Exclusive Interview: Top IoT Trends and Predictions for Organizations in 2016

IT Briefcase Exclusive Interview: Top IoT Trends and Predictions for Organizations in 2016

with Mike Martin, nfrastructure
In this interview, Mike Martin,...

Unleash the Power of Global Content

Unleash the Power of Global Content

globeYour business depends on pushing accurate and dynamic content...

Clicking Away Your Right to Privacy

Clicking Away Your Right to Privacy

Before using any standard Internet service provider for e-mail...

Top Questions to Ask Before Implementing VoIP

Top Questions to Ask Before Implementing VoIP

Thinking about a move away from traditional phone lines...

Ransomware: How to Earn $33,000 Daily

November 8, 2012 No Comments

SOURCE: Symantec

Ransomware is a type of malicious software that disables the functionality of a computer in some way and demands a ransom in order to restore the computer to its original state. Recent variants use law enforcement imagery to add legitimacy to the warning messages. The malware uses geo-location services to determine the location of the computer it is running on and then, after locking the computer displays a message appropriate to that country. The message usually claims that the user has broken the law by browsing some illegal material. Figure 1 is an example of a ransomware variant that displays a message claiming to be from the FBI.

 Ransomware: How to Earn $33,000 Daily

Figure 1. An example of a ransomware message

The message states that in order to unlock the computer, “a fine” must be paid using one of several prepaid electronic money schemes. The fines can range from €50 to €100 in Europe, and up to $200 in the US.

Ransomware has been in existence since 2009 and initially targeted users in Russia and Eastern Europe. It has since become a global problem, spreading first throughout Europe and, in more recent months, has begun targeting users in North America. At least 16 different versions of ransomware have been identified over the past year and a half. Each version is not an ‘upgrade’ from a previous version, but rather a unique variant, associated with a separate gang. These gangs have independently developed, or bought, their own different version of ransomware. The gangs are not new to cybercrime; they have been associated with other threats and scams in the past such as banking Trojans and rogue antivirus programs. Ransomware has now become a more lucrative enterprise for them.

The operations are highly profitable, with as many as 2.9 percent of compromised users paying out. An investigation into one of the smaller players in this scam identified 68,000 compromised computers in just one month, which could have resulted in a fraudster obtaining up to $400,000. A larger gang, using malware called Reveton (Trojan.Ransomlock.G), was detected attempting to infect 500,000 computers over a period of 18 days. Given the number of different gangs operating ransomware scams, a conservative estimate is that over five million dollars a year is being extorted from victims. The real number is, however, likely to be much higher.

For details on our investigation into these multiple ransomware variants, please see our whitepaper .

 Ransomware: How to Earn $33,000 Daily

For those affected by these scams—DO NOT PAY THE RANSOM. Instead, follow the removal steps outlined here or check out this video for further instructions.

SECURITY

Leave a Reply

(required)

(required)


ADVERTISEMENT

AnDevCon


American Customer Festival 2016 New York

ITBriefcase Comparison Report

Cyber Security Exchange