2018 was the year that malware stopped being a malicious hobby and became a real money-making business. The increase in ransomware and cryptomining attacks is a clear sign that hackers don't just want to wreak havoc anymore – they also want to earn a pretty penny doing it.
SummaryHow much is made?How did it happen?What is done?Silver CrabUntil now, we had no actual revenue numbers to work with; were the hackers living the dream or making do with leftovers? It was clear that the hackers were trying to make money, but there was no indication if they were successful. BitDefender recently released an estimate of this year's most popular ransomware, and the numbers were a bit concerning.
GandCrab offers the option to customize the ransom message and payment amount for each victim. Gone are the days of ransomware developers bombarding as many users as possible in hopes of hitting someone who is both wealthy and eager to back up their files. Now they can individually adjust the malware according to their targets. They can customize the malware according to the target's ability to pay and ensure that they get the most out of their victims.
This extraction method was introduced by IBM with its DeepLocker malware, which used webcams to scan users' faces and lock down the PC of the target it was looking for. Infecting the PCs of people who can't pay or don't mind losing their files only makes the malware more visible and susceptible to counterattack. Using the initial freedom window to hit rich targets ensures a good payout until the ransomware is fixed and a solution is released.
Fortunately, security experts around the world realize how serious a ransomware outbreak can be. Reverse engineering a ransomware attack can render it effectively powerless, and people are pushing decryptors to combat the latest versions of GandCrab. Of course, being diligent with your internet security is also a good way to avoid getting infected!
We've known for some time that malware evolves for profit. Despite this, we didn't know how much the pirates actually earned. With nine-figure estimates suggested, malware is now a very profitable business for those who can muster it.
Do you think this is the start of a wave of malware trying to emulate the success of GandCrab? Or are we ready for the onslaught? Let us know below.
