Ransomware dates back to the early days of the internet, when users would find themselves bombarded with multiple pop-up windows announcing their computer was infected with a mysterious virus. Warning signs would flash and fake load screens would make it look like the pop-up windows themselves had scanned the hard drive and detected the infection. The user was subsequently encouraged to pay to have their computer cleared of the infection and have peace and safety restored. Today’s typical ransomware, by contrast, actually restricts users’ access to their own files, encrypting the majority of files on the hard drive, and provides instructions on how to pay a ransom to remove the encryption. This type of ransomware uses the value users place on their files, whether financial or informational in the form of business documents, or emotional with regard to family photos and videos, to coerce them into paying hundreds of dollars for a possible remediation of the situation.

This week researchers at Emsisoft reported a new form of ransomware they dubbed Ransom32, which is sold on the black market to any wannabe cybercriminal. Purchasing the ransomware allows a potential attacker to administer the malware and track the users they have infected, as well as change the amount of Bitcoins demanded for the ransom. The sale of malicious software as well as the ability to adapt it to one’s particular malicious needs is nothing new. As Graham Cluley points out, “What makes Ransom32 rather more interesting is that it is coded entirely using JavaScript, and as a consequence could be used to target not just Windows computers, but also those running Mac OS X and Linux.” 

The sophistication and scope of ransomware have grown significantly, as such campaigns can be very lucrative to criminals. As reported by The Atlantic, one researcher found that a single hacker made over $1 million in a day from such ransom payments. No one is immune to the threat – the same article points to a number of U.S. police departments that were infected with ransomware last year, disabling essential systems and crippling operational capabilities: “The departments were hit with ransom notices for their data, and couldn’t get around the encryption even with help from private cybersecurity firms and the FBI…All three departments paid ransoms ranging from $500 to $750 to regain access to their data.”
