Ransomware Morphing into Multi-Million Dollar Business for Hackers

There used to be a time when kidnappers were the only ones making ransoms by basically demanding money if you wanted to see your loved one again. Now, ransom cases have taken on a new virtual face, one found on the Internet in the form of what we technically refer to as ransomware, and it means big money for the hackers who brandish such threats.

Ransomware threats are fake messages specially crafted by hackers to extort money from mostly unsuspecting PC users who fall for a completely baseless notification impersonating law enforcement or police departments. Usually, the ransomware message will make a claim of detecting illegal online activity, lock the infected system and then ask that a hefty fine be paid for the purported actions.

Example of a common FBI Moneypak Ransomware Message

Most ransomware, as a deceptive tactic, will relay the enticing warning that looks to have come from a local Police department or local law enforcement agencies such as the Federal Bureau of Investigation (FBI). These messages are constructed in such a way to utilize official logos and graphics found on legitimate law enforcement or local police force websites. Many times the ransomware will detect the infected system's IP address only to craft a specialized message in the local language and relay an actual local Police department's name and logo. Crafting ransomware messages in such a way ultimately give hackers the upper hand in the task of convincing PC users of the notification's legitimacy, even though it is a completely fake message.

Not only are ransomware threats a new and quickly growing malware epidemic, but the schemes have been very effective on impacting a multitude of PC users accounting for collecting more than $5 million a year. ransomware, originating in Eastern Europe, actually dates back to 2009. We are just now witnessing such threats make their way to other areas of Europe and now western regions of the world, such as the United States.

Lucrative malware schemes, many we have covered over many years, have played the game of money extortion very well with proven tactics replicated by many hacker groups. Hackers have actually redirected their efforts to basically abandon common antivirus and banking Trojan schemes and replacing them with the new ransomware game.

List of popular ransomware that we have detected in the past 3 months:

• Reveton Ransomware
• Ukash Virus Ransomware
• FBI Moneypak Ransomware
• FBI Green Dot Moneypak Ransomware
• Windows Genuine Advantage Trojan Ransomware

Why Choose Ransomware to Extort Money from Computer Users?

The recent influx of ransomware is rather evident of how hackers have shifted their full-time endeavors to focus on scams that are potentially more profitable than previous malware schemes. In terms of the effectiveness of ransomware, security researchers estimate that 2.9% of computer users over-all fall victim to ransomware. What is even more disturbing is that some estimates claim about 15% of computer users fall victim to relinquishing money due to ransomware in some countries.

Looking at the composition of ransomware one may think that a computer user falling for such a cheap, but endearing message would be a fool. Actually, ransomware plays on a victim's conscience in many ways. One way is by most ransomware threats locking up an infected computer and then promising to unlock the system once a ransom fine is paid. Another way would be presenting the ransomware message as a serious warning from their local authorities in their own language. ransomware's customization alone, by detecting the locality through the infected system's IP address, sometimes makes the case even more convincing.

On the Hunt for Ransomware Gangs

Through our most recent analysis of emerging malware threats, we have seen a drastic decrease of commonly known scareware and malware infections. It is evident that hacker gangs commonly known for spreading rogue antispyware programs and other schemes to make a quick dollar has shifted their focus to ransomware. Right now, we see at least one new ransomware threat on a daily basis, which was completely unheard of a year ago. Moreover, there is no rhyme or reason as to who is attacked with ransomware. Reportedly, there have been thousands of computers getting ransomware through sites hosted by GoDaddy. It looks as if hackers have broken into many GoDaddy accounts with stolen passwords setting up sub-domains to send emails to customers, so the messages come from a known source.

The day of 'fooling' computer users has morphed into ransomware, basically bullying users to pay up fine as they are virtually threatened by an imaginary local law enforcement entity. Some of these fines are not cheap either, ranging from $50 to upwards of $400 in some ransomware cases.

It goes without saying, computer users should never pay a Ransomware fine. Additionally, if a local law enforcement or police agency wants to warn you about supposed illegal activity, they won't do it through the Internet, you will more than likely get a knock at your door and end up paying with time in jail instead of some few-hundred dollar fine.