Ransomware is one of the more interesting pieces of malware in existence. At the moment, it mainly represents a threat to Windows based PCs. However, Kaspersky believes that this will change in the coming months; and even expects that ransoms will be higher for those on Apple systems.
At the core, ransomware is a piece of sophisticated malware that locks the victim’s computer down. The attackers will demand money in exchange for giving the victim a way to retrieve their precious data. Simpler pieces of ransomware simply prevent the computer from being accessed, but ransomware has recently switched to encrypted entire hard drives and demanding payment for the decryption key.
This method of direct monetisation makes it very attractive to criminals who want to get rich. Criminals don’t even have to be particularly good hackers to get the most out of ransomware, as it can be purchased from the black market for as little as $5000 (about RM21,600). While the number seems high, Kaspersky estimates that returns could be as much as $25,000 (about RM108,000) a day.
It is likely that criminals will begin expanding their efforts to capitalise on the popularity of Apple devices, as well as the mobile revolution. This was already evident from the first variant of Linux ransomware that appeared this year. It also saw the first time that ransomware had targeted a mobile platform.
Interestingly, Kaspersky expects that ransoms set for Macs and Apple products will be higher than that for other devices. It was explained that since people were willing to pay more for the products, they would also be more likely to be forced to pay more to criminals to retrieve their information.
While ransomware has proven to be one of the most problematic pieces of malware to remove, it is not all bad news. Law enforcement in the Netherlands – with help from Kaspersky – has successfully located and seized servers for both CoinVault and Cryptolocker. Two prominent pieces of ransomware. The seizure of the servers also provided authorities with the private key necessary to decrypt victims’ computers and restore their data.