3 new developments in ransomware could spell trouble

The cyberattack that holds devices and information for ransom is only getting more popular with attackers. Find out what’s changing in ransomware, and whether your users should actually be concerned. 

There are constantly attempts to make money by hacking. Some fizzle out almost immediately, but others prove to be a relatively easy buck and spawn multiple copycats.

Ransomware definitely falls into the latter category. With so many high-profile successes, the malware that charges users to get access to their own devices and files is a rousing success. As you probably already know, this malware will encrypt files and demand users pay their attackers to get them back – or risk losing them forever if the countdown clock hits zero.

So what are the latest developments in this dark corner of the Internet world?

1. It’s on the rise

According to McAfee Labs, there’s no slowdown for ransomware attacks in site. In the first quarter of 2015, ransomware skyrocketed 165%. In quarter two, it grew another 58%.

Clearly, hackers have gotten good results from this method. Until ransomware is stopped completely – a difficult mission since it’s been around in some form or another for decades now – it will likely continue to grow in popularity.

2. It’s a community thing

Not only are individuals relying on this method for scheming users, a community of hackers is getting involved in the search for new and better ransomware.

Reports have found that on the so-called “dark web,” hackers have been turning to their colleagues to develop new and better ransomware through crowdfunding. They’re giving away the ransomware itself for free, but a cut of the profits go to the developer.

By providing the hard part – the actual malicious code – at no cost, that frees up anyone who is interested to go about the easier task of using phishing and other social engineering tactics to get more victims on board. Think of it as a franchise operation for malware distribution.

3. It’s naming and shaming

Often, the real force behind a ransomware attack isn’t just the fear of losing files. It’s the fear of being too embarrassed to ask for help.

One popular distribution method for ransomware is fake porn apps. Users download these apps (often on a third-party app store) and are infected with the ransomware instead. Often, this ransomware delivers a message claiming to be from the FBI or another legal organization insisting that if users don’t pay up, they could face legal consequences.

Add a new wrinkle to that: One app is going so far as to snap a photo of the infected user with their smartphone’s front-facing camera – allegedly to prove it was them who watched the offending material.

As long as users stick to trusted app stores, they should be able to evade this tactic. That said, most IT pros can tell you that users who explore that kind of site may not be the most technically savvy group in the first place – so that warning could fall on deaf ears.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy