TheMerkle ShieldFS Ransomware

In the cryptocurrency world, it would appear most of the discussions pertaining to ransomware have quieted down. Not because the industry is no longer lucrative, but simply because such attacks have seemingly become so common it isn’t necessarily newsworthy anymore. However, the average Bitcoin payment associated with ransomware attacks has risen significantly.

Ransomware Still Makes the Big Bucks

Over the past few years, there have been numerous news stories involving malware and ransomware. Criminals have fully embraced this new business model to make a lot of money. Despite the best attempts by security researchers to ensure such attacks cannot be profitable, it seems the ransomware industry is still firing on all cylinders. In fact, the longer it remains a business, the higher the overall profitability seems to become.

According to a new report shared by Coveware, it has become apparent criminals still make plenty of money when using ransomware types. More specifically, the average payment requested has increased by nearly 100% in the past few months alone. Although this could indicate the attacks are shifting from consumers to corporations and governments first and foremost, it is not a positive development by any means. Higher returns will attract more criminals exploring the ransomware business, as everyone wants to make some quick money on the side.

In the report, the average payment – in Bitcoin – is $12,762 for Q1 of 2019. This is significantly higher compared to the figures attributed to Q4 of 2018. At that time, the average Bitcoin payment was listed as $6,733, which is still a very steep amount. Especially when considering how the Bitcoin price has decreased significantly in recent months, these amounts are exuberant, to say the very least.

Such a dramatic shift in payments is not entirely abnormal. Researchers confirm the attacks themselves are becoming more sophisticated and targeted. Particularly the Ryuk ransomware strain is making a lot of headlines lately, as it used in conjunction with most known – and some undisclosed – remote desktop protocol vulnerabilities. By gaining remote access to target systems, criminals can determine their appropriate course of action to infect networks with ransomware accordingly.

What makes Ryuk such a troublesome malware strain is how it prevents users from restoring data in a convenient manner. System recovery functions built into the Windows operating system will not be accessible, which allows the hackers to demand a higher ransom payment first and foremost. In some cases, those amounts are as high as $300,000, which goes to show the business is still firing on all cylinders. Moreover, there is a genuine chance even more sophisticated attacks will be launched in the future.

Another factor contributing to the rise in average ransomware payments is how affected corporations effectively regain file access after making a payment. While that has never been a guarantee where ransomware is concerned, it seems the companies effectively paying the money have a good chance of accessing their systems again without major problems. As such, it is only normal corporations are more willing to meet these ransom demands. In doing so, these corporations also allow for more targeted attacks to be performed, which creates a vicious cycle.


Disclaimer: This is not trading or investment advice. The above article is for entertainment and education purposes only. Please do your own research before purchasing or investing into any cryptocurrency.

Image(s): Shutterstock.com