Within the last five months, Ryuk ransomware has grown into a lucrative venture for the hackers behind it.
According to studies from FireEye, the operators behind the ransomware code have earned an estimated 705 BTC within the last five months. At today’s exchange rates, that’s around $3.7 million spread across 52 payments.
The analysts also identified the two main tactics behind the hacker group’s success — patience and big companies.
How Ryuk Ransomware Works
First, the Ryuk ransomware hackers infect tens of thousands of victims with a banking Trojan. Then, the ransomers select and deploy Ryuk to a few infected machines belonging to government organizations and big corporations.
Once deployed, Ryuk ransomware encrypts the targeted machine’s hard drive and locks the data. To regain access, the victim must contact the hackers and pay a Bitcoin ransom.
Although the identity of the hackers behind this threat remains unknown, evidence points to a group of cybercriminals in Russia.
How Hackers Calculate Their Ransoms
According to the CrowdStrike analysis, the hackers consider the value as well as the size of a target before demanding a ransom. In other words, the most valuable targets often pay the highest amount.
While the lowest observed ransom was 1.7 BTC, some victims had to pay as much as 99 BTC. Across the total of 52 transactions, the hackers must have made about 705.80 BTC between August 2018 and January of this year.
At the current value of BTC, the estimate in US dollars is $3.7 million. However, because the price of BTC has dropped recently, the payments were probably worth more when the hackers received them.
Whatever the case may be, one thing is obvious. Ransomware is becoming too lucrative and may cost government organizations and companies more money in the future.