The Cryptowall ransomware defrauded $18m from its victims in April, according to data from the FBI's Internet Crime Complaint Centre (IC3).
IC3 revealed the figure in a public advisory, claiming that Cryptowall is the most dangerous ransomware active in the wild.
"Recent IC3 reporting identifies Cryptowall as the most current and significant ransomware threat targeting US individuals and businesses. CryptoWall and its variants have been used to target US victims since April 2014," read the advisory.
"Between April 2014 and June 2015, the IC3 received 992 Cryptowall-related complaints, with victims reporting losses totalling over $18m."
Ransomware attempts to elicit money from its victims by locking them out of their computers and demanding an access fee. Evolved versions, such as Cryptowall, also encrypt data stored on the computers.
IC3 said that it has seen an increase in the number of Cryptowall scams demanding payments in the cryptographic bitcoin currency.
"The financial impact to victims goes beyond the ransom fee itself, which is typically between $200 and $10,000," read the advisory.
"Most criminals involved in ransomware schemes demand payment in bitcoin. Criminals prefer bitcoin because it's easy to use, fast, publicly available, decentralised and provides a sense of heightened security/anonymity."
IC3 recommended that businesses take a variety of countermeasures to protect against ransomware attacks.
These include technical solutions such as using up-to-date antivirus, firewalls and pop-up blockers, as well as cultural best practice like clicking links only from trusted sources and keeping backups of critical files.
The US Computer Emergency Response Team (US-CERT) mirrored IC3's advice and urged victims not to pay the ransomware unlock fee.
"Individuals and organisations are discouraged from paying the ransom, as this does not guarantee that files will be released," read the US-CERT advisory.
"US-CERT encourages users and administrators to review the IC3 Alert for details and refer to the US-CERT Alert TA-295A for information on crypto ransomware."
IC3 is one of many organisations warning about the growing Cryptowall ransomware threat facing businesses.
Cisco's Talos Group uncovered an evolved version of Cryptowall in February that used an improved encryption algorithm to lock its victims' machines.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software