A recent study by researchers at Google, Chainalysis, UC San Diego, and the NYU Tandom School of Engineering has revealed that the victims of ransomware attacks have collectively paid more than $25 million as ransom in the past couple of years. The researchers investigated 34 families of malwares and tracked the total amount of ransom paid to the attackers by the victims, mainly through blockchains or bitcoins.
According to the study, the most lucrative ransomware is “Locky” strain, which was first detected in 2016. The strain has accounted for $7 million from the time it was detected. “Locky” is followed by Cerber and CryptXXX which made the victims pay up around $6.9 million and $1.9 million, respectively.
Damon McCoy, the New York University professor, who worked on the “Locky” project, said that the ransomware’s big advantage was “the decoupling of the people who maintain the ransomware from the people who are infecting machines. Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”
The study also suggested that the attackers are improving the programing of the modern malware so that they can even infiltrate a system protected by antivirus software by changing their binaries automatically upon detection. The current development in the field of malware makes it very difficult to trace, and the impact generated has been costly as well as widespread, the study explained.
