Google studies Ransomware victims

A study conducted by Google tells us that over the last two years victims of ransomware have paid $25 million. The study was conducted by Google, Chainanalysis, UC San Diego and the NYU Tandon School of Engineering. Ransomware has probably been one of the most destructive, yet profitable attacks cyber crime has seen. It is quite popular among the hacking community.

What they did

The study team followed payments through blockchain and compared them against known samples. Then the researchers were able to build a comprehensive picture of the ecosystem of ransomware over the past couple of years. 34 separate families that were attacked by ransomware were studied. These had major strains brining in the bulk of the profits.

The researchers came to a realization that in some sense, Locky was the first ransomware program. It was programmed in such a way that it would keep the payment and encryption infrastructure separate from the groups distributing the malware. This ensured that the malware spread faster and farther than other competitive malwares.

“Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” said NYU professor Damon McCoy who worked on the study. “Locky just focused on building the malware and support infrastructure. They had other bonnets spread and distribute the malware, which were much better at the end of the business,” he added.

Other cases like Cerber and CryptXXX followed soon. The researchers studied that the number reflects total payouts made by the victims. But the final figure of how much money the original ransomware authors made remains unclear. Today, the attacks are more serious and even threaten life and property. This only promotes the need of better security.