Google study confirms that ransomware victims paid $2 Million a Month

Google study conducted in association with blockchain analyst Chainalysis, University of California and the New York University Tandon School of Engineering confirms that ransomware victims paid $2 million a month to hackers spreading the dreaded malware. The Google study also discovered that ransomware victims have paid more than $25 million as ransom over the last two years.

Since ransomware has emerged as a dreaded cyber threat to the digital world in recent years, companies like Google are found conducting various studies to combat with the trouble. One such study made in association with the researchers of two universities and a private firm happens to be the one which is specified above.

Researchers from Chainalysis disclosed that the above said facts were found by them after studying the blockchain payments and comparing them against known samples. They said that the analysis helped them build a comprehensive picture of the ransomware ecosystem which could be further used by companies to unravel mysteries in cyber space through artificial intelligence.

As per the details available to our Cybersecurity Insiders, more than 34 separate families of ransomware were tracked down and analyzed in the survey. And the data shows a ransomware strain called Locky as the most prevalent malware in the recent times. The analysis shows that hackers spreading Locky succeeded in gathering huge payments from early 2016. The study found that Locky ransomware spreaders earned more than $7 million in payments in the past 12 months.

Experts from Chainalysis say that Locky was the 1st ransomware program to keep the payment and encryption infrastructure abstracted from the groups dispensing the malware, allowing the virus to spread farther and faster than its competitors.

NYU Professor Damon McCoy who led the research says that the biggest advantage obtained by the developers or those spreading locky was the decoupling of the people who maintain the ransomware from the people who are infecting machines.

The survey conducted by Google also discovered that other ransomware strains such as Cerber and CryptXXX followed a similar playbook to rake in $6.9 million and $1.9 million respectively.

However, the said numbers reflect the total payouts made by the victims. And so it’s unclear on how much money was made by the original ransomware authors.

Google’s data on ransomware also shows us a fact that ransomware authors are getting smarter by making solutions which remain undetected by antivirus software.

The data also shows a significant jump in ransomware profits from just $100,000 to $2.5 million from 1Q of 2016.

Google research found that the malware spreaders of WannaCry which targeted more than 250,000 computers across 150 countries made only $140,000. The research conducted by the internet juggernaut also confirms that NotPetya Ransomware spreaders made only $10k by spreading the malware. Means both these attacks were not aimed for financial gains but were made with other intentions in mind.

Ultimately, Google expects more innovation from cyber criminals in 2017. And this includes more “ransomware-as-a-service” models with fancier customer support.

Have something to share on ransomware. Then you can share your mind through the comments section below.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display