Ransomware continues to be a very lucrative business for cybercriminals, and a new warning from the FBI states that over $18 million has been stolen through CryptoWall, one of the most notorious strains of ransomware, in the U.S. alone.
The FBI’s Internet Crime Complaints Center (IC3) said that CryptoWall and other variants of the malware have been active since April of last year and targeting regular people and businesses. The individual cost of being infected with ransomware can range from anywhere between $200 and $10,000 according to the warning.
Ransomware encrypts a user’s files and holds them to ransom for a fee set by the cybercriminals who promises to decrypt your data if you pay up. A recent report from McAfee Labs found a huge surge in ransomware in the first quarter of 2015 alone with more people willing to pay the charges and get their files back.
IC3 said that ransomware tactics are “usually very successful.” Often the criminals demand the money be paid in Bitcoin to maintain their anonymity, but there is never a guarantee that they will decrypt the files once you have paid. Most security experts advise users to regularly keep back-ups in the event of becoming infected. The FBI warning reiterates the importance of using up-to-date anti-virus software too.
The security industry has noted increases in cases of ransomware in its research as well. There’s been a “huge uptick in the last 60 days,” one analyst from IBM told USA Today. Meanwhile the types of ransomware have been diversifying. Most recently the “sleeper” ransomware Locker was discovered by some eagle-eyed security pros, where the malware lies dormant for several months on a user’s computer before eventually being activated by the crooks.
Another recent report, from Trustwave, earlier this month also found that cybercrime, including the use of ransomware, can yield some impressive gains, which is creating a new wave of cybercriminals.