Ransomware Version Costs U.S. Big Bucks
Tuesday, June 30, 2015 @ 01:06 PM gHale
Ransomware is a very effective attack tool and developers know, combined with a plausible phishing campaign, it can be a solid source of revenue. If you don’t think so, just ask the FBI because they said the developers of Cryptowall have brought about $18 million in damages on U.S. users and businesses.
The Cryptolocker-imitation ransomware is one of the most prolific and capable since it first ended up detected in April last year.
Global damage reported to the FBI is much higher as Australian victims account for about half of Cryptowall revenue, with North America accounting for only a quarter. Doing the math the global take is roughly $72 million, just for this version alone.
FBI officials said the U.S. Internet Crime Complaints Commission received 992 complaints from ransomware victims each extorted for between $200 to $10,000.
“Many victims incur additional costs associated with network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers,” an FBI alert said.
“Between April 2014 and June 2015, the IC3 received 992 Cryptowall-related complaints, with victims reporting losses totaling over $18 million. These financial fraud schemes target both individuals and businesses, are usually very successful, and have a significant impact on victims,” the alert said.
Cryptowall, like other ransomware families, goes out through spam and exploit kits in order to encrypt what bad guys hope are valuable files. Victims then have to pay to recover their files, and improvements to the code since it first emerged make mitigation difficult.
It has become more sophisticated with each updated version. The latest variant encryption implementation appears to have evaded cracking attempts, while features including the ability to destroy backups and encrypt cloud-synchronized files increases the chances victims will pay.