All the latest UK technology news, reviews and analysis

Scammers rake in $33,000 a day through ransomware

09 Nov 2012
Security padlock image

Cyber criminals are taking in up to $33,000 per day using ransomware scams, according to security vendor Symantec.

Symantec revealed that advance in their attack methods and a lack of awareness on the part of the scams' victims has made ransomware an increasingly profitable tactic for criminal gangs, in its Ransomware: A growing Menace report, published on Thursday.

The reports findings were based on ongoing research into 16 of the best known independently developed ransomware variants found running over the past two years.

Symantec highlighted detecting and monitoring one particularly successful variant of the Ransomlock Trojan which reportedly had 68,000 unique IP addresses connecting to its command and control server September through October.

At its peak, Symantec warned that it saw 5,700 IP addresses connect to the server in one day. The paper reported that of the 5,700 connections, the crook persuaded 168 users to hand over money, earning them $33,000.

Worse still, the researchers said their findings were a conservative estimate, warning ransomware scams are in reality probably earning criminal gangs much more money.

"Given the number of different gangs operating ransomware scams, a conservative estimate is that over $5 million dollars a year is being extorted from victims," wrote Symantec.

"The real number is, however, likely much higher. From just a few small groups experimenting with this fraud, several organised gangs are now taking this scheme to a professional level and the number of compromised computers has increased."

Ransomware sees criminals infect their victims with a piece of malware that locks the machine down, leaving behind a blackmail message offering to unlock the machine in return for a money.

The scams often involve a certain amount of social engineering, masquerading as a legitimate organisation or law enforcement body to make the user feel the fine is legal.

Over the last three months ransomware scams pretending to be the Metropolitan Police, FBI and German Police have been discovered.

Ransomware usually infect machines as drive-by downloads, contained within malicious website URLs or web advertisements, though ransomware attacks targeting users via social networks and services like Skype have also been uncovered.

Symantec stated that the majority of the attacks it detected stemmed from and targeted Russia and Eastern Europe. The findings match a previous threat report from competitor Trend Micro, which highlighted the region as a cyber crime boom area earlier in the year.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Windows 10 poll

What are your first impressions of Windows 10?

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Transformation Programme Architect

Transformation Programme Architect required to provide...

Solutions Architect

Solution Architect Harvey Nash are recruiting for...

Digital Solutions Architect

Digital Solutions Architect Harvey Nash are working...

Front-End UI/UX Developer (HTML5, CSS, JavaScript, jQuery, Ang

Front-End UI/UX Developer (HTML5, CSS, JavaScript, jQuery...
To send to more than one email address, simply separate each address with a comma.