The power of the internet is indisputably in the data it stores, processes, and transmits all over the globe. From messages sent in milliseconds to the billions of dollars that are moved every day, it is often hard to imagine life without the instant access that the internet provides. It is also safe to say that most of us have sensitive data stored on our computer systems, from banking records to personal conversations.
Quite literally, we have our lives stored on our devices, and this is why cyber security and computer protection have become a mega-industry in the fight against crypto ransomware today, both for people and corporations.
Unfortunately, the emergence of the internet brought forward a new class of crimes, and these seem to evolve every now and then to exploit whatever new facet of technology is unlocked. It now appears that the latest form of cybercrime is the stealing of the internet’s most valuable asset, data, and using cryptocurrency to do so.
The Wild World of Crypto Ransomware
Ransomware, simply put, is the installation of malware onto a computer system without the consent of the owner. This malware then steals valuable information such as personal messages and financial data, or denies the owner access to their own data or computer system. After this is done, the perpetrator demands a ransom from the victim in exchange for restoring access to their information or computer system, or for keeping the sensitive information private.
Ransomware has seen a sharp increase in the last few years and the victims of this crime are wide and varied. Symbotic LLC, a United States-based robotics company, for example, was recently the target of a malware gang who threatened to leak sensitive information if their demands were not met. The Austrian village of Weiz was also targeted last month with software that destroyed backups of files, encrypted existing ones, and shut down operations under Windows.
This month alone, three universities in the United States, Michigan State, Columbia College of Chicago, and the University of California San Francisco, were targeted by a malware gang who took responsibility for the attack via their blog on the dark web.
In several incidents, the malware was installed through fraudulent messages sent in emails to those who had access to the computer systems. Once a link in the email was clicked on, the malware could infect the computer system. This is rather similar to the way crypto-jacking works, but instead of stealing data, that malware uses the infected computer’s processing power to mine cryptocurrency.
Even celebrities are not being spared: REvil, a prominent ransomware gang, hacked the systems of a prominent New York entertainment law firm which represents stars such as Lady Gaga, Elton John, and Robert DeNiro.
Another prominent form of ransomware is sextortion. Sextortion is a situation in which a person is contacted by another who claims to have hacked their computer systems and obtained information about their pornographic search history. This information, the criminal says, will be made public to their friends, family, and employers if they do not pay a ransom. While some of these emails are false, sextortion has proven to be profitable, with CipherTrace estimating that roughly $500,000 in profits were made between September 1, 2019, and January 31, 2020.
The World (Web) Held Hostage
Blackmail and ransoms are age-old concepts but they are made even more complex when done over the internet. Individuals and institutions have to adapt to the times and this means storing their data on computer systems, but with this comes some level of risk.
Regardless of how advanced cybersecurity is, some activity slips through the cracks and not all perpetrators will be caught. In fact, many of the ransomware dealers have been linked to larger criminal operations and the dark web, which thrives on anonymity.
Even worse, these attacks are not always carried out by lone wolves. Besides prominent malware gangs like Maze and REvil, cartels are starting to form in pockets of the dark web to put even more pressure on victims and improve the malware and tactics being used. With a 1,300% increase in sextortion claims from March to April 2020 and malware gangs consolidating power, what is there to do?
The Part of Cryptocurrency
In an overwhelming majority of recent malware cases, cryptocurrencies such as bitcoin are demanded as the means of payment. According to the site bitcoinabuse.com, 21,000 unique Bitcoin addresses were submitted as part of reports of malware, which shows that the criminals have a preference for crypto. This is similar to the increase of crypto use across the dark web in the last decade.
It is understandable that they would be drawn to cryptocurrency, as it affords a higher level of anonymity than a bank transfer or PayPal transaction. The amounts demanded range from smaller sums to the $300,000 in bitcoin that was demanded of the city of Florence in Alabama after a ransomware attack.
This does, however, have negative implications for cryptocurrency’s image, as many already consider it shady due to a lack of understanding. If cryptocurrency is consistently brought up when reports are made regarding the dark web and online extortion, this perception will only be encouraged.
While the issue of malware is not likely to simply disappear overnight, the steps to be taken in the meantime have also been a source of debate. In cases such as the attack on Florence, Alabama, the city had been warned that their computer systems were vulnerable to attack but did not take action swiftly enough.
It has been suggested that most malware attacks can be avoided if proper security protocols are installed on computer systems and precautions are taken to identify fake emails that could have malware linked to them. Besides this, the U.S. Treasury, Department of State, Department of Defense, and the FBI issued an advisory in April 2020 that gives guidelines on avoiding malware, cryptojacking, and ransomware.
The issue of crypto ransomware, for now, must be addressed like any other cyber security issue, which is by listening to experts and taking all prescribed security measures. Another great way to prevent ransomware attacks is by having a reliable VPN such as Malwarebytes, which we have reviewed. We would also recommend NordVPN, which is another top reliable contender that also stops crypto ransomware attacks.
Image via Pixabay. Writer: Tokoni Uti